Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-42740 (GCVE-0-2021-42740)
Vulnerability from cvelistv5 – Published: 2021-10-21 14:46 – Updated: 2024-08-04 03:38
VLAI
EPSS
Summary
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.npmjs.com/package/shell-quote | x_refsource_MISC |
| https://github.com/substack/node-shell-quote/blob… | x_refsource_CONFIRM |
| https://github.com/substack/node-shell-quote/comm… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:38:50.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-21T14:46:08.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.npmjs.com/package/shell-quote",
"refsource": "MISC",
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"name": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173",
"refsource": "CONFIRM",
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"name": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe",
"refsource": "CONFIRM",
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-42740",
"datePublished": "2021-10-21T14:46:08.000Z",
"dateReserved": "2021-10-20T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:38:50.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-42740",
"date": "2026-05-27",
"epss": "0.09042",
"percentile": "0.9275"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"1.7.3\", \"matchCriteriaId\": \"15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.\"}, {\"lang\": \"es\", \"value\": \"El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyecci\\u00f3n de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex dise\\u00f1ada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z may\\u00fascula y la letra a min\\u00fascula, como el car\\u00e1cter backtick\"}]",
"id": "CVE-2021-42740",
"lastModified": "2024-11-21T06:28:04.853",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-10-21T15:15:07.633",
"references": "[{\"url\": \"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.npmjs.com/package/shell-quote\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.npmjs.com/package/shell-quote\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-42740\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-10-21T15:15:07.633\",\"lastModified\":\"2024-11-21T06:28:04.853\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.\"},{\"lang\":\"es\",\"value\":\"El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyecci\u00f3n de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex dise\u00f1ada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z may\u00fascula y la letra a min\u00fascula, como el car\u00e1cter backtick\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"1.7.3\",\"matchCriteriaId\":\"15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38\"}]}]}],\"references\":[{\"url\":\"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/shell-quote\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/shell-quote\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2024-AVI-0630
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Network Packet Capture versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 Update Package 8",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2021-23436",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23436"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2016-10540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10540"
},
{
"name": "CVE-2020-28477",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28477"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2022-43441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43441"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0842"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-27088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27088"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2021-24033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24033"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2024-31905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31905"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2016-10538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10538"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2021-3757",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3757"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0630",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": "2024-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7161462",
"url": "https://www.ibm.com/support/pages/node/7161462"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160961",
"url": "https://www.ibm.com/support/pages/node/7160961"
},
{
"published_at": "2024-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160858",
"url": "https://www.ibm.com/support/pages/node/7160858"
}
]
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2024-AVI-0630
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.14",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.2.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Network Packet Capture versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 Update Package 8",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2018-3721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3721"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2021-23436",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23436"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2016-10540",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10540"
},
{
"name": "CVE-2020-28477",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28477"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2022-43441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43441"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-0842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0842"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2022-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3517"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2024-27088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27088"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2021-24033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24033"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2024-31905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31905"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2018-16487",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16487"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2016-10538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10538"
},
{
"name": "CVE-2023-35001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2023-32233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2021-3757",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3757"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0630",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": "2024-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7161462",
"url": "https://www.ibm.com/support/pages/node/7161462"
},
{
"published_at": "2024-07-23",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160961",
"url": "https://www.ibm.com/support/pages/node/7160961"
},
{
"published_at": "2024-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7160858",
"url": "https://www.ibm.com/support/pages/node/7160858"
}
]
}
FKIE_CVE-2021-42740
Vulnerability from fkie_nvd - Published: 2021-10-21 15:15 - Updated: 2024-11-21 06:28
Severity
Summary
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| shell-quote_project | shell-quote | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character."
},
{
"lang": "es",
"value": "El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyecci\u00f3n de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex dise\u00f1ada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z may\u00fascula y la letra a min\u00fascula, como el car\u00e1cter backtick"
}
],
"id": "CVE-2021-42740",
"lastModified": "2024-11-21T06:28:04.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-21T15:15:07.633",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-G4RG-993R-MGX7
Vulnerability from github – Published: 2022-05-24 19:18 – Updated: 2025-09-10 17:27
VLAI
Summary
Improper Neutralization of Special Elements used in a Command in Shell-quote
Details
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is [A-z] instead of the correct [A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
Severity
9.8 (Critical)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.7.2"
},
"package": {
"ecosystem": "npm",
"name": "shell-quote"
},
"ranges": [
{
"events": [
{
"introduced": "1.6.3"
},
{
"fixed": "1.7.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-42740"
],
"database_specific": {
"cwe_ids": [
"CWE-77"
],
"github_reviewed": true,
"github_reviewed_at": "2022-06-21T20:08:10Z",
"nvd_published_at": "2021-10-21T15:15:00Z",
"severity": "CRITICAL"
},
"details": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with `exec()`, an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is `[A-z]` instead of the correct `[A-Za-z]`. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"id": "GHSA-g4rg-993r-mgx7",
"modified": "2025-09-10T17:27:08Z",
"published": "2022-05-24T19:18:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-42740"
},
{
"type": "WEB",
"url": "https://github.com/ljharb/shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
},
{
"type": "PACKAGE",
"url": "https://github.com/ljharb/shell-quote"
},
{
"type": "WEB",
"url": "https://github.com/ljharb/shell-quote/blob/master/CHANGELOG.md#173"
},
{
"type": "WEB",
"url": "https://www.npmjs.com/package/shell-quote"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Neutralization of Special Elements used in a Command in Shell-quote"
}
GSD-2021-42740
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2021-42740",
"description": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"id": "GSD-2021-42740",
"references": [
"https://www.suse.com/security/cve/CVE-2021-42740.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-42740"
],
"details": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"id": "GSD-2021-42740",
"modified": "2023-12-13T01:23:06.341579Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.npmjs.com/package/shell-quote",
"refsource": "MISC",
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"name": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173",
"refsource": "CONFIRM",
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
},
{
"name": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe",
"refsource": "CONFIRM",
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c1.7.3",
"affected_versions": "All versions before 1.7.3",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-77",
"CWE-937"
],
"date": "2021-10-28",
"description": "The shell-quote package for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z case letter a, such as the backtick character.",
"fixed_versions": [
"1.7.3"
],
"identifier": "CVE-2021-42740",
"identifiers": [
"CVE-2021-42740"
],
"not_impacted": "All versions starting from 1.7.3",
"package_slug": "npm/shell-quote",
"pubdate": "2021-10-21",
"solution": "Upgrade to version 1.7.3 or above.",
"title": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-42740",
"https://www.npmjs.com/package/shell-quote"
],
"uuid": "8ce0c871-9143-4334-9743-da74fe163652"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*",
"cpe_name": [],
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-42740"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe"
},
{
"name": "https://www.npmjs.com/package/shell-quote",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://www.npmjs.com/package/shell-quote"
},
{
"name": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-10-28T13:54Z",
"publishedDate": "2021-10-21T15:15Z"
}
}
}
SUSE-SU-2022:3313-1
Vulnerability from csaf_suse - Published: 2022-09-19 15:37 - Updated: 2022-09-19 15:37Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Severity
Critical
Notes
Title of the patch: Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch: This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE:Manager 4.2.9
* Notification about SUSE Manager end-of-life has been added
* CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129, CVE-2021-41411
* Bugs mentioned:
bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895, bsc#1196729
bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903, bsc#1199372
bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276, bsc#1200296
bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591, bsc#1200629
bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220, bsc#1201224
bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626, bsc#1201753
bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272, bsc#1202464
bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.2.9
* CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129
* Bugs mentioned:
bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480, bsc#1200591
bsc#1201142, bsc#1202142, bsc#1202724
Patchnames: SUSE-2022-3313,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
56 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager:\n\n- Update to SUSE:Manager 4.2.9\n * Notification about SUSE Manager end-of-life has been added\n * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129, CVE-2021-41411\n * Bugs mentioned:\n bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895, bsc#1196729\n bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903, bsc#1199372\n bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276, bsc#1200296\n bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591, bsc#1200629\n bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220, bsc#1201224\n bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626, bsc#1201753\n bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272, bsc#1202464\n bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449\n\nRelease notes for SUSE Manager Proxy:\n\n- Update to SUSE Manager 4.2.9\n * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129\n * Bugs mentioned:\n bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480, bsc#1200591\n bsc#1201142, bsc#1202142, bsc#1202724\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3313,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3313-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3313-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223313-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3313-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012289.html"
},
{
"category": "self",
"summary": "SUSE Bug 1172705",
"url": "https://bugzilla.suse.com/1172705"
},
{
"category": "self",
"summary": "SUSE Bug 1187028",
"url": "https://bugzilla.suse.com/1187028"
},
{
"category": "self",
"summary": "SUSE Bug 1195455",
"url": "https://bugzilla.suse.com/1195455"
},
{
"category": "self",
"summary": "SUSE Bug 1195895",
"url": "https://bugzilla.suse.com/1195895"
},
{
"category": "self",
"summary": "SUSE Bug 1196729",
"url": "https://bugzilla.suse.com/1196729"
},
{
"category": "self",
"summary": "SUSE Bug 1198168",
"url": "https://bugzilla.suse.com/1198168"
},
{
"category": "self",
"summary": "SUSE Bug 1198489",
"url": "https://bugzilla.suse.com/1198489"
},
{
"category": "self",
"summary": "SUSE Bug 1198738",
"url": "https://bugzilla.suse.com/1198738"
},
{
"category": "self",
"summary": "SUSE Bug 1198903",
"url": "https://bugzilla.suse.com/1198903"
},
{
"category": "self",
"summary": "SUSE Bug 1199372",
"url": "https://bugzilla.suse.com/1199372"
},
{
"category": "self",
"summary": "SUSE Bug 1199659",
"url": "https://bugzilla.suse.com/1199659"
},
{
"category": "self",
"summary": "SUSE Bug 1199913",
"url": "https://bugzilla.suse.com/1199913"
},
{
"category": "self",
"summary": "SUSE Bug 1199950",
"url": "https://bugzilla.suse.com/1199950"
},
{
"category": "self",
"summary": "SUSE Bug 1200276",
"url": "https://bugzilla.suse.com/1200276"
},
{
"category": "self",
"summary": "SUSE Bug 1200296",
"url": "https://bugzilla.suse.com/1200296"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1200532",
"url": "https://bugzilla.suse.com/1200532"
},
{
"category": "self",
"summary": "SUSE Bug 1200573",
"url": "https://bugzilla.suse.com/1200573"
},
{
"category": "self",
"summary": "SUSE Bug 1200591",
"url": "https://bugzilla.suse.com/1200591"
},
{
"category": "self",
"summary": "SUSE Bug 1200629",
"url": "https://bugzilla.suse.com/1200629"
},
{
"category": "self",
"summary": "SUSE Bug 1201142",
"url": "https://bugzilla.suse.com/1201142"
},
{
"category": "self",
"summary": "SUSE Bug 1201189",
"url": "https://bugzilla.suse.com/1201189"
},
{
"category": "self",
"summary": "SUSE Bug 1201210",
"url": "https://bugzilla.suse.com/1201210"
},
{
"category": "self",
"summary": "SUSE Bug 1201220",
"url": "https://bugzilla.suse.com/1201220"
},
{
"category": "self",
"summary": "SUSE Bug 1201224",
"url": "https://bugzilla.suse.com/1201224"
},
{
"category": "self",
"summary": "SUSE Bug 1201527",
"url": "https://bugzilla.suse.com/1201527"
},
{
"category": "self",
"summary": "SUSE Bug 1201606",
"url": "https://bugzilla.suse.com/1201606"
},
{
"category": "self",
"summary": "SUSE Bug 1201607",
"url": "https://bugzilla.suse.com/1201607"
},
{
"category": "self",
"summary": "SUSE Bug 1201626",
"url": "https://bugzilla.suse.com/1201626"
},
{
"category": "self",
"summary": "SUSE Bug 1201753",
"url": "https://bugzilla.suse.com/1201753"
},
{
"category": "self",
"summary": "SUSE Bug 1201913",
"url": "https://bugzilla.suse.com/1201913"
},
{
"category": "self",
"summary": "SUSE Bug 1201918",
"url": "https://bugzilla.suse.com/1201918"
},
{
"category": "self",
"summary": "SUSE Bug 1202142",
"url": "https://bugzilla.suse.com/1202142"
},
{
"category": "self",
"summary": "SUSE Bug 1202272",
"url": "https://bugzilla.suse.com/1202272"
},
{
"category": "self",
"summary": "SUSE Bug 1202464",
"url": "https://bugzilla.suse.com/1202464"
},
{
"category": "self",
"summary": "SUSE Bug 1202724",
"url": "https://bugzilla.suse.com/1202724"
},
{
"category": "self",
"summary": "SUSE Bug 1202728",
"url": "https://bugzilla.suse.com/1202728"
},
{
"category": "self",
"summary": "SUSE Bug 1203287",
"url": "https://bugzilla.suse.com/1203287"
},
{
"category": "self",
"summary": "SUSE Bug 1203288",
"url": "https://bugzilla.suse.com/1203288"
},
{
"category": "self",
"summary": "SUSE Bug 1203449",
"url": "https://bugzilla.suse.com/1203449"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41411 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-42740 page",
"url": "https://www.suse.com/security/cve/CVE-2021-42740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31129/"
}
],
"title": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"tracking": {
"current_release_date": "2022-09-19T15:37:27Z",
"generator": {
"date": "2022-09-19T15:37:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3313-1",
"initial_release_date": "2022-09-19T15:37:27Z",
"revision_history": [
{
"date": "2022-09-19T15:37:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64",
"product": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64",
"product_id": "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64",
"product": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64",
"product_id": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.i586",
"product": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.i586",
"product_id": "release-notes-susemanager-4.2.9-150300.3.54.1.i586"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586",
"product": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586",
"product_id": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"product": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"product_id": "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le",
"product": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le",
"product_id": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"product": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"product_id": "release-notes-susemanager-4.2.9-150300.3.54.1.s390x"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x",
"product": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x",
"product_id": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64",
"product": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64",
"product_id": "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"product": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"product_id": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 as component of SUSE Manager Retail Branch Server 4.2",
"product_id": "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le"
},
"product_reference": "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.s390x as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x"
},
"product_reference": "release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
},
"product_reference": "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41411"
}
],
"notes": [
{
"category": "general",
"text": "drools \u003c=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41411",
"url": "https://www.suse.com/security/cve/CVE-2021-41411"
},
{
"category": "external",
"summary": "SUSE Bug 1200629 for CVE-2021-41411",
"url": "https://bugzilla.suse.com/1200629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:37:27Z",
"details": "important"
}
],
"title": "CVE-2021-41411"
},
{
"cve": "CVE-2021-42740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-42740"
}
],
"notes": [
{
"category": "general",
"text": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-42740",
"url": "https://www.suse.com/security/cve/CVE-2021-42740"
},
{
"category": "external",
"summary": "SUSE Bug 1203287 for CVE-2021-42740",
"url": "https://bugzilla.suse.com/1203287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:37:27Z",
"details": "critical"
}
],
"title": "CVE-2021-42740"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:37:27Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-31129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31129"
}
],
"notes": [
{
"category": "general",
"text": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31129",
"url": "https://www.suse.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "SUSE Bug 1203288 for CVE-2022-31129",
"url": "https://bugzilla.suse.com/1203288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x",
"SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:37:27Z",
"details": "important"
}
],
"title": "CVE-2022-31129"
}
]
}
SUSE-SU-2022:3314-1
Vulnerability from csaf_suse - Published: 2022-09-19 15:38 - Updated: 2022-09-19 15:38Summary
Security update for SUSE Manager Server 4.2
Severity
Critical
Notes
Title of the patch: Security update for SUSE Manager Server 4.2
Description of the patch: This update fixes the following issues:
drools:
- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java. (bsc#1200629)
httpcomponents-asyncclient:
- Provide maven metadata needed by other packages to build
image-sync-formula:
- Update to version 0.1.1661440526.b08d95b
* Add option to sort boot images by version (bsc#1196729)
inter-server-sync:
- Version 0.2.3
* Compress exported sql data #16631
* Add gzip dependency to decompress data file during import process
patterns-suse-manager:
- Strictly require OpenJDK 11 (bsc#1202142)
py27-compat-salt:
- Add support for gpgautoimport in zypperpkg module
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Add support for name, pkgs and diff_attr parameters to upgrade
function for zypper and yum (bsc#1198489)
- Unify logic on using multiple requisites and add onfail_all (bsc#1198738)
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
salt-netapi-client:
- Declare the LICENSE file as license and not doc
- Adapted for Enterprise Linux 9.
- Version 0.20.0
* See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.20.0
saltboot-formula:
- Update to version 0.1.1661440526.b08d95b
* Fallback to local boot if the configured image is not synced
* improve image url modifications - preparation for ftp/http changes
spacecmd:
- Version 4.2.19-1
* Process date values in spacecmd api calls (bsc#1198903)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
spacewalk-admin:
- Version 4.2.12-1
* Add --help option to mgr-monitoring-ctl
spacewalk-backend:
- Version 4.2.24-1
* Make reposync use the configured http proxy with mirrorlist (bsc#1198168)
* Revert proxy listChannels token caching pr#4548
* cleanup leftovers from removing unused xmlrpc endpoint
spacewalk-certs-tools:
- Version 4.2.18-1
* traditional stack bootstrap: install product packages (bsc#1201142)
spacewalk-client-tools:
- Version 4.2.20-1
* Update translation strings
spacewalk-java:
- Version 4.2.41-1
* Fixed date format on scheduler related messages (bsc#1195455)
* Support inherited values for kernel options from Cobbler API (bsc#1199913)
* Add channel availability check for product migration (bsc#1200296)
* Check if system has all formulas correctly assigned (bsc#1201607)
* Remove group formula assignments and data on group delete (bsc#1201606)
* Fix sync for external repositories (bsc#1201753)
* fix state.apply result parsing in test mode (bsc#1201913)
* Reduce the length of image channel URL (bsc#1201220)
* Calculate dependencies between cloned channels of vendor channels (bsc#1201626)
* fix symlinks pointing to ongres-stringprep
* Modify parameter type when communicating with the search server (bsc#1187028)
* Fix initial profile and build host on Image Build page (bsc#1199659)
* Fix the confirm message on the refresh action by adding a link
to pending actions on it (bsc#1172705)
* require new salt-netapi-client version
* Clean grub2 reinstall entry in autoyast snippet (bsc#1199950)
spacewalk-search:
- Version 4.2.8-1
* Add methods to handle session id as String
spacewalk-web:
- Version 4.2.29-1
* CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)
* CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287)
* CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)
* Fix table header layout for unselectable tables
* Fix initial profile and build host on Image Build page (bsc#1199659)
subscription-matcher:
- Added Guava maximum version requirement.
susemanager:
- Version 4.2.37-1
* mark new dependencies for python-py optional in bootstrap repo to fix generation for older service packs
(bsc#1203449)
- Version 4.2.36-1
* add missing packages on SLES 15
* remove server-migrator.sh from SUSE Manager installations (bsc#1202728)
* mgr-create-bootstrap-repo: flush directory also when called for a specific label (bsc#1200573)
* add missing packages on SLES 12 SP5 bootstrap repo (bsc#1201918)
* remove python-tornado from bootstrap repo, since no longer required for salt version >= 3000
* add openSUSE 15.4 product (bsc#1201527)
* add clients tool product to generate bootstrap repo on openSUSE 15.x (bsc#1201189)
susemanager-doc-indexes:
- Documented mandatory channels in the Disconnected Setup chapter of the
Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
regular user
- Documented how to onboard Debian clients with the Salt bundle or plain Salt
as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)
- Reverted single snippet change for two separate books
- Added extend Salt Bundle functionality with Python packages using pip
- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH
- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin
- Salt Configuration Modules are no longer Technology Preview in Salt Guide.
- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)
- Added ports 1232 and 1233 in the Ports section of the Installation and
Upgrade Guide; required for Salt SSH Push (bsc#1200532)
- In the Custom Channel section of the Administration Guide add a note
about synchronizing repositories regularly.
- Removed SUSE Linux Enterprise 11 from the list of supported client systems
susemanager-docs_en:
- Documented mandatory channels in the Disconnected Setup chapter of the
Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
regular user
- Documented how to onboard Debian clients with the Salt bundle or plain Salt
as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)
- Reverted single snippet change for two separate books
- Added extend Salt Bundle functionality with Python packages using pip
- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH
- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin
- Salt Configuration Modules are no longer Technology Preview in Salt Guide.
- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)
- Added ports 1232 and 1233 in the Ports section of the Installation and
Upgrade Guide; required for Salt SSH Push (bsc#1200532)
- In the Custom Channel section of the Administration Guide add a note
about synchronizing repositories regularly.
- Removed SUSE Linux Enterprise 11 from the list of supported client systems
susemanager-schema:
- Version 4.2.24-1
* Fix migration of image actions (bsc#1202272)
susemanager-sls:
- Version 4.2.27-1
* Copy grains file with util.mgr_switch_to_venv_minion state apply
* Remove the message 'rpm: command not found' on using Salt SSH
with Debian based systems which has no Salt Bundle
* Prevent possible tracebacks on calling module.run from mgrcompat
by setting proper globals with using LazyLoader
* Fix deploy of SLE Micro CA Certificate (bsc#1200276)
uyuni-common-libs:
- Version 4.2.7-1
* Do not allow creating path if nonexistent user or group in fileutils.
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames: SUSE-2022-3314,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3314,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3314
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
84 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 4.2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndrools:\n\n- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java. (bsc#1200629)\n\nhttpcomponents-asyncclient:\n\n- Provide maven metadata needed by other packages to build\n\nimage-sync-formula:\n\n- Update to version 0.1.1661440526.b08d95b\n * Add option to sort boot images by version (bsc#1196729)\n\ninter-server-sync:\n\n- Version 0.2.3\n * Compress exported sql data #16631\n * Add gzip dependency to decompress data file during import process\n\npatterns-suse-manager:\n\n- Strictly require OpenJDK 11 (bsc#1202142) \n\npy27-compat-salt:\n\n- Add support for gpgautoimport in zypperpkg module\n- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)\n- Add support for name, pkgs and diff_attr parameters to upgrade\n function for zypper and yum (bsc#1198489)\n- Unify logic on using multiple requisites and add onfail_all (bsc#1198738)\n- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)\n\nsalt-netapi-client:\n\n- Declare the LICENSE file as license and not doc\n- Adapted for Enterprise Linux 9.\n- Version 0.20.0\n * See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.20.0\n\nsaltboot-formula:\n\n- Update to version 0.1.1661440526.b08d95b\n * Fallback to local boot if the configured image is not synced\n * improve image url modifications - preparation for ftp/http changes\n\nspacecmd:\n\n- Version 4.2.19-1\n * Process date values in spacecmd api calls (bsc#1198903)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n\nspacewalk-admin:\n\n- Version 4.2.12-1\n * Add --help option to mgr-monitoring-ctl\n\nspacewalk-backend:\n\n- Version 4.2.24-1\n * Make reposync use the configured http proxy with mirrorlist (bsc#1198168)\n * Revert proxy listChannels token caching pr#4548\n * cleanup leftovers from removing unused xmlrpc endpoint\n\nspacewalk-certs-tools:\n\n- Version 4.2.18-1\n * traditional stack bootstrap: install product packages (bsc#1201142)\n\nspacewalk-client-tools:\n\n- Version 4.2.20-1\n * Update translation strings\n\nspacewalk-java:\n\n- Version 4.2.41-1\n * Fixed date format on scheduler related messages (bsc#1195455)\n * Support inherited values for kernel options from Cobbler API (bsc#1199913)\n * Add channel availability check for product migration (bsc#1200296)\n * Check if system has all formulas correctly assigned (bsc#1201607)\n * Remove group formula assignments and data on group delete (bsc#1201606)\n * Fix sync for external repositories (bsc#1201753)\n * fix state.apply result parsing in test mode (bsc#1201913)\n * Reduce the length of image channel URL (bsc#1201220)\n * Calculate dependencies between cloned channels of vendor channels (bsc#1201626)\n * fix symlinks pointing to ongres-stringprep\n * Modify parameter type when communicating with the search server (bsc#1187028)\n * Fix initial profile and build host on Image Build page (bsc#1199659)\n * Fix the confirm message on the refresh action by adding a link\n to pending actions on it (bsc#1172705)\n * require new salt-netapi-client version\n * Clean grub2 reinstall entry in autoyast snippet (bsc#1199950)\n\nspacewalk-search:\n\n- Version 4.2.8-1\n * Add methods to handle session id as String\n\nspacewalk-web:\n\n- Version 4.2.29-1\n * CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)\n * CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287) \n * CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)\n * Fix table header layout for unselectable tables\n * Fix initial profile and build host on Image Build page (bsc#1199659)\n\nsubscription-matcher:\n\n- Added Guava maximum version requirement.\n\nsusemanager:\n \n- Version 4.2.37-1\n * mark new dependencies for python-py optional in bootstrap repo to fix generation for older service packs \n (bsc#1203449)\n- Version 4.2.36-1\n * add missing packages on SLES 15\n * remove server-migrator.sh from SUSE Manager installations (bsc#1202728)\n * mgr-create-bootstrap-repo: flush directory also when called for a specific label (bsc#1200573)\n * add missing packages on SLES 12 SP5 bootstrap repo (bsc#1201918)\n * remove python-tornado from bootstrap repo, since no longer required for salt version \u003e= 3000\n * add openSUSE 15.4 product (bsc#1201527)\n * add clients tool product to generate bootstrap repo on openSUSE 15.x (bsc#1201189)\n\nsusemanager-doc-indexes:\n\n- Documented mandatory channels in the Disconnected Setup chapter of the\n Administration Guide (bsc#1202464)\n- Documented how to onboard Ubuntu clients with the Salt bundle as a\n regular user\n- Documented how to onboard Debian clients with the Salt bundle or plain Salt\n as a regular user\n- Fixed the names of updates channels for Leap\n- Fixed errors in OpenSCAP chapter of Administration Guide\n- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin\n- Removed CentOS 8 from the list of supported client systems\n- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)\n- Reverted single snippet change for two separate books\n- Added extend Salt Bundle functionality with Python packages using pip\n- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH\n- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin\n- Salt Configuration Modules are no longer Technology Preview in Salt Guide.\n- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)\n- Added ports 1232 and 1233 in the Ports section of the Installation and\n Upgrade Guide; required for Salt SSH Push (bsc#1200532)\n- In the Custom Channel section of the Administration Guide add a note\n about synchronizing repositories regularly.\n- Removed SUSE Linux Enterprise 11 from the list of supported client systems\n\nsusemanager-docs_en:\n\n- Documented mandatory channels in the Disconnected Setup chapter of the\n Administration Guide (bsc#1202464)\n- Documented how to onboard Ubuntu clients with the Salt bundle as a\n regular user\n- Documented how to onboard Debian clients with the Salt bundle or plain Salt\n as a regular user\n- Fixed the names of updates channels for Leap\n- Fixed errors in OpenSCAP chapter of Administration Guide\n- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin\n- Removed CentOS 8 from the list of supported client systems\n- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)\n- Reverted single snippet change for two separate books\n- Added extend Salt Bundle functionality with Python packages using pip\n- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH\n- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin\n- Salt Configuration Modules are no longer Technology Preview in Salt Guide.\n- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)\n- Added ports 1232 and 1233 in the Ports section of the Installation and\n Upgrade Guide; required for Salt SSH Push (bsc#1200532)\n- In the Custom Channel section of the Administration Guide add a note\n about synchronizing repositories regularly.\n- Removed SUSE Linux Enterprise 11 from the list of supported client systems\n\nsusemanager-schema:\n\n- Version 4.2.24-1\n * Fix migration of image actions (bsc#1202272)\n\nsusemanager-sls:\n\n- Version 4.2.27-1\n * Copy grains file with util.mgr_switch_to_venv_minion state apply\n * Remove the message \u0027rpm: command not found\u0027 on using Salt SSH\n with Debian based systems which has no Salt Bundle\n * Prevent possible tracebacks on calling module.run from mgrcompat\n by setting proper globals with using LazyLoader\n * Fix deploy of SLE Micro CA Certificate (bsc#1200276)\n\nuyuni-common-libs:\n\n- Version 4.2.7-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3314,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3314,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3314",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3314-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3314-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223314-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3314-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012286.html"
},
{
"category": "self",
"summary": "SUSE Bug 1172705",
"url": "https://bugzilla.suse.com/1172705"
},
{
"category": "self",
"summary": "SUSE Bug 1187028",
"url": "https://bugzilla.suse.com/1187028"
},
{
"category": "self",
"summary": "SUSE Bug 1195455",
"url": "https://bugzilla.suse.com/1195455"
},
{
"category": "self",
"summary": "SUSE Bug 1195895",
"url": "https://bugzilla.suse.com/1195895"
},
{
"category": "self",
"summary": "SUSE Bug 1196729",
"url": "https://bugzilla.suse.com/1196729"
},
{
"category": "self",
"summary": "SUSE Bug 1198168",
"url": "https://bugzilla.suse.com/1198168"
},
{
"category": "self",
"summary": "SUSE Bug 1198489",
"url": "https://bugzilla.suse.com/1198489"
},
{
"category": "self",
"summary": "SUSE Bug 1198738",
"url": "https://bugzilla.suse.com/1198738"
},
{
"category": "self",
"summary": "SUSE Bug 1198903",
"url": "https://bugzilla.suse.com/1198903"
},
{
"category": "self",
"summary": "SUSE Bug 1199372",
"url": "https://bugzilla.suse.com/1199372"
},
{
"category": "self",
"summary": "SUSE Bug 1199659",
"url": "https://bugzilla.suse.com/1199659"
},
{
"category": "self",
"summary": "SUSE Bug 1199913",
"url": "https://bugzilla.suse.com/1199913"
},
{
"category": "self",
"summary": "SUSE Bug 1199950",
"url": "https://bugzilla.suse.com/1199950"
},
{
"category": "self",
"summary": "SUSE Bug 1200276",
"url": "https://bugzilla.suse.com/1200276"
},
{
"category": "self",
"summary": "SUSE Bug 1200296",
"url": "https://bugzilla.suse.com/1200296"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1200532",
"url": "https://bugzilla.suse.com/1200532"
},
{
"category": "self",
"summary": "SUSE Bug 1200573",
"url": "https://bugzilla.suse.com/1200573"
},
{
"category": "self",
"summary": "SUSE Bug 1200591",
"url": "https://bugzilla.suse.com/1200591"
},
{
"category": "self",
"summary": "SUSE Bug 1200629",
"url": "https://bugzilla.suse.com/1200629"
},
{
"category": "self",
"summary": "SUSE Bug 1201142",
"url": "https://bugzilla.suse.com/1201142"
},
{
"category": "self",
"summary": "SUSE Bug 1201189",
"url": "https://bugzilla.suse.com/1201189"
},
{
"category": "self",
"summary": "SUSE Bug 1201210",
"url": "https://bugzilla.suse.com/1201210"
},
{
"category": "self",
"summary": "SUSE Bug 1201220",
"url": "https://bugzilla.suse.com/1201220"
},
{
"category": "self",
"summary": "SUSE Bug 1201224",
"url": "https://bugzilla.suse.com/1201224"
},
{
"category": "self",
"summary": "SUSE Bug 1201527",
"url": "https://bugzilla.suse.com/1201527"
},
{
"category": "self",
"summary": "SUSE Bug 1201606",
"url": "https://bugzilla.suse.com/1201606"
},
{
"category": "self",
"summary": "SUSE Bug 1201607",
"url": "https://bugzilla.suse.com/1201607"
},
{
"category": "self",
"summary": "SUSE Bug 1201626",
"url": "https://bugzilla.suse.com/1201626"
},
{
"category": "self",
"summary": "SUSE Bug 1201753",
"url": "https://bugzilla.suse.com/1201753"
},
{
"category": "self",
"summary": "SUSE Bug 1201913",
"url": "https://bugzilla.suse.com/1201913"
},
{
"category": "self",
"summary": "SUSE Bug 1201918",
"url": "https://bugzilla.suse.com/1201918"
},
{
"category": "self",
"summary": "SUSE Bug 1202142",
"url": "https://bugzilla.suse.com/1202142"
},
{
"category": "self",
"summary": "SUSE Bug 1202272",
"url": "https://bugzilla.suse.com/1202272"
},
{
"category": "self",
"summary": "SUSE Bug 1202464",
"url": "https://bugzilla.suse.com/1202464"
},
{
"category": "self",
"summary": "SUSE Bug 1202728",
"url": "https://bugzilla.suse.com/1202728"
},
{
"category": "self",
"summary": "SUSE Bug 1203287",
"url": "https://bugzilla.suse.com/1203287"
},
{
"category": "self",
"summary": "SUSE Bug 1203288",
"url": "https://bugzilla.suse.com/1203288"
},
{
"category": "self",
"summary": "SUSE Bug 1203449",
"url": "https://bugzilla.suse.com/1203449"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41411 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-42740 page",
"url": "https://www.suse.com/security/cve/CVE-2021-42740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31129/"
}
],
"title": "Security update for SUSE Manager Server 4.2",
"tracking": {
"current_release_date": "2022-09-19T15:38:45Z",
"generator": {
"date": "2022-09-19T15:38:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3314-1",
"initial_release_date": "2022-09-19T15:38:45Z",
"revision_history": [
{
"date": "2022-09-19T15:38:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.3-150300.8.22.2.aarch64",
"product": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.aarch64",
"product_id": "inter-server-sync-0.2.3-150300.8.22.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.2-150300.4.12.2.aarch64",
"product": {
"name": "patterns-suma_proxy-4.2-150300.4.12.2.aarch64",
"product_id": "patterns-suma_proxy-4.2-150300.4.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.2-150300.4.12.2.aarch64",
"product": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.aarch64",
"product_id": "patterns-suma_retail-4.2-150300.4.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.2-150300.4.12.2.aarch64",
"product": {
"name": "patterns-suma_server-4.2-150300.4.12.2.aarch64",
"product_id": "patterns-suma_server-4.2-150300.4.12.2.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64",
"product": {
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64",
"product_id": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64",
"product": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64",
"product_id": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.37-150300.3.41.1.aarch64",
"product": {
"name": "susemanager-4.2.37-150300.3.41.1.aarch64",
"product_id": "susemanager-4.2.37-150300.3.41.1.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.37-150300.3.41.1.aarch64",
"product": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.aarch64",
"product_id": "susemanager-tools-4.2.37-150300.3.41.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "drools-7.17.0-150300.4.6.2.noarch",
"product": {
"name": "drools-7.17.0-150300.4.6.2.noarch",
"product_id": "drools-7.17.0-150300.4.6.2.noarch"
}
},
{
"category": "product_version",
"name": "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"product": {
"name": "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"product_id": "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"product": {
"name": "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"product_id": "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-daemon-4.2.10-150300.2.9.4.noarch",
"product": {
"name": "mgr-daemon-4.2.10-150300.2.9.4.noarch",
"product_id": "mgr-daemon-4.2.10-150300.2.9.4.noarch"
}
},
{
"category": "product_version",
"name": "py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"product": {
"name": "py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"product_id": "py27-compat-salt-3000.3-150300.7.7.23.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product_id": "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product": {
"name": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product_id": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"product_id": "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"product_id": "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"product_id": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"product": {
"name": "salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"product_id": "salt-netapi-client-0.20.0-150300.3.9.4.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch",
"product": {
"name": "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch",
"product_id": "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch"
}
},
{
"category": "product_version",
"name": "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"product": {
"name": "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"product_id": "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.2.19-150300.4.27.2.noarch",
"product": {
"name": "spacecmd-4.2.19-150300.4.27.2.noarch",
"product_id": "spacecmd-4.2.19-150300.4.27.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"product": {
"name": "spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"product_id": "spacewalk-admin-4.2.12-150300.3.15.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-base-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-base-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product": {
"name": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"product_id": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "spacewalk-check-4.2.20-150300.4.24.3.noarch",
"product_id": "spacewalk-check-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"product_id": "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"product": {
"name": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"product_id": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-dobby-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-dobby-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-html-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-html-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch",
"product": {
"name": "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch",
"product_id": "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-java-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-java-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-java-config-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"product": {
"name": "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"product_id": "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-search-4.2.8-150300.3.12.2.noarch",
"product": {
"name": "spacewalk-search-4.2.8-150300.3.12.2.noarch",
"product_id": "spacewalk-search-4.2.8-150300.3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"product": {
"name": "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"product_id": "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-0.29-150300.6.12.2.noarch",
"product": {
"name": "subscription-matcher-0.29-150300.6.12.2.noarch",
"product_id": "subscription-matcher-0.29-150300.6.12.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"product": {
"name": "susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"product_id": "susemanager-doc-indexes-4.2-150300.12.33.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.2-150300.12.33.2.noarch",
"product": {
"name": "susemanager-docs_en-4.2-150300.12.33.2.noarch",
"product_id": "susemanager-docs_en-4.2-150300.12.33.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"product_id": "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.2.24-150300.3.27.3.noarch",
"product": {
"name": "susemanager-schema-4.2.24-150300.3.27.3.noarch",
"product_id": "susemanager-schema-4.2.24-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch",
"product": {
"name": "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch",
"product_id": "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.2.27-150300.3.33.4.noarch",
"product": {
"name": "susemanager-sls-4.2.27-150300.3.33.4.noarch",
"product_id": "susemanager-sls-4.2.27-150300.3.33.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"product": {
"name": "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"product_id": "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "uyuni-config-modules-4.2.27-150300.3.33.4.noarch",
"product": {
"name": "uyuni-config-modules-4.2.27-150300.3.33.4.noarch",
"product_id": "uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"product": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"product_id": "inter-server-sync-0.2.3-150300.8.22.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le",
"product": {
"name": "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le",
"product_id": "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"product": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"product_id": "patterns-suma_retail-4.2-150300.4.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"product": {
"name": "patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"product_id": "patterns-suma_server-4.2-150300.4.12.2.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"product_id": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"product": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"product_id": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.37-150300.3.41.1.ppc64le",
"product": {
"name": "susemanager-4.2.37-150300.3.41.1.ppc64le",
"product_id": "susemanager-4.2.37-150300.3.41.1.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"product": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"product_id": "susemanager-tools-4.2.37-150300.3.41.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.3-150300.8.22.2.s390x",
"product": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.s390x",
"product_id": "inter-server-sync-0.2.3-150300.8.22.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.2-150300.4.12.2.s390x",
"product": {
"name": "patterns-suma_proxy-4.2-150300.4.12.2.s390x",
"product_id": "patterns-suma_proxy-4.2-150300.4.12.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.2-150300.4.12.2.s390x",
"product": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.s390x",
"product_id": "patterns-suma_retail-4.2-150300.4.12.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.2-150300.4.12.2.s390x",
"product": {
"name": "patterns-suma_server-4.2-150300.4.12.2.s390x",
"product_id": "patterns-suma_server-4.2-150300.4.12.2.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"product": {
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"product_id": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"product": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"product_id": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.37-150300.3.41.1.s390x",
"product": {
"name": "susemanager-4.2.37-150300.3.41.1.s390x",
"product_id": "susemanager-4.2.37-150300.3.41.1.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.37-150300.3.41.1.s390x",
"product": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.s390x",
"product_id": "susemanager-tools-4.2.37-150300.3.41.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"product": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"product_id": "inter-server-sync-0.2.3-150300.8.22.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"product": {
"name": "patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"product_id": "patterns-suma_proxy-4.2-150300.4.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"product": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"product_id": "patterns-suma_retail-4.2-150300.4.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.2-150300.4.12.2.x86_64",
"product": {
"name": "patterns-suma_server-4.2-150300.4.12.2.x86_64",
"product_id": "patterns-suma_server-4.2-150300.4.12.2.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"product": {
"name": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"product_id": "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"product": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"product_id": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.2.37-150300.3.41.1.x86_64",
"product": {
"name": "susemanager-4.2.37-150300.3.41.1.x86_64",
"product_id": "susemanager-4.2.37-150300.3.41.1.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"product": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"product_id": "susemanager-tools-4.2.37-150300.3.41.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.2",
"product": {
"name": "SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.2",
"product": {
"name": "SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.2.10-150300.2.9.4.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch"
},
"product_reference": "mgr-daemon-4.2.10-150300.2.9.4.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64"
},
"product_reference": "patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64"
},
"product_reference": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.2.19-150300.4.27.2.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch"
},
"product_reference": "spacecmd-4.2.19-150300.4.27.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
},
"product_reference": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "spacewalk-check-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch"
},
"product_reference": "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2",
"product_id": "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch"
},
"product_reference": "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "drools-7.17.0-150300.4.6.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch"
},
"product_reference": "drools-7.17.0-150300.4.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch"
},
"product_reference": "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch"
},
"product_reference": "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le"
},
"product_reference": "inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x"
},
"product_reference": "inter-server-sync-0.2.3-150300.8.22.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "inter-server-sync-0.2.3-150300.8.22.2.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64"
},
"product_reference": "inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le"
},
"product_reference": "patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x"
},
"product_reference": "patterns-suma_retail-4.2-150300.4.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64"
},
"product_reference": "patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.2-150300.4.12.2.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le"
},
"product_reference": "patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.2-150300.4.12.2.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x"
},
"product_reference": "patterns-suma_server-4.2-150300.4.12.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64"
},
"product_reference": "patterns-suma_server-4.2-150300.4.12.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "py27-compat-salt-3000.3-150300.7.7.23.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch"
},
"product_reference": "py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le"
},
"product_reference": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x"
},
"product_reference": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64"
},
"product_reference": "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-netapi-client-0.20.0-150300.3.9.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch"
},
"product_reference": "salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch"
},
"product_reference": "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.2.19-150300.4.27.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch"
},
"product_reference": "spacecmd-4.2.19-150300.4.27.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-admin-4.2.12-150300.3.15.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch"
},
"product_reference": "spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-base-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch"
},
"product_reference": "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch"
},
"product_reference": "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch"
},
"product_reference": "spacewalk-html-4.2.29-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch"
},
"product_reference": "spacewalk-java-4.2.41-150300.3.43.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch"
},
"product_reference": "spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch"
},
"product_reference": "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch"
},
"product_reference": "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-search-4.2.8-150300.3.12.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch"
},
"product_reference": "spacewalk-search-4.2.8-150300.3.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch"
},
"product_reference": "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subscription-matcher-0.29-150300.6.12.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch"
},
"product_reference": "subscription-matcher-0.29-150300.6.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.37-150300.3.41.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le"
},
"product_reference": "susemanager-4.2.37-150300.3.41.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.37-150300.3.41.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x"
},
"product_reference": "susemanager-4.2.37-150300.3.41.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.2.37-150300.3.41.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64"
},
"product_reference": "susemanager-4.2.37-150300.3.41.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-doc-indexes-4.2-150300.12.33.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch"
},
"product_reference": "susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-4.2-150300.12.33.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch"
},
"product_reference": "susemanager-docs_en-4.2-150300.12.33.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch"
},
"product_reference": "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-4.2.24-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch"
},
"product_reference": "susemanager-schema-4.2.24-150300.3.27.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-4.2.27-150300.3.33.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch"
},
"product_reference": "susemanager-sls-4.2.27-150300.3.33.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.ppc64le as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le"
},
"product_reference": "susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.s390x as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x"
},
"product_reference": "susemanager-tools-4.2.37-150300.3.41.1.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.2.37-150300.3.41.1.x86_64 as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64"
},
"product_reference": "susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uyuni-config-modules-4.2.27-150300.3.33.4.noarch as component of SUSE Manager Server Module 4.2",
"product_id": "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
},
"product_reference": "uyuni-config-modules-4.2.27-150300.3.33.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41411"
}
],
"notes": [
{
"category": "general",
"text": "drools \u003c=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41411",
"url": "https://www.suse.com/security/cve/CVE-2021-41411"
},
{
"category": "external",
"summary": "SUSE Bug 1200629 for CVE-2021-41411",
"url": "https://bugzilla.suse.com/1200629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:38:45Z",
"details": "important"
}
],
"title": "CVE-2021-41411"
},
{
"cve": "CVE-2021-42740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-42740"
}
],
"notes": [
{
"category": "general",
"text": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-42740",
"url": "https://www.suse.com/security/cve/CVE-2021-42740"
},
{
"category": "external",
"summary": "SUSE Bug 1203287 for CVE-2021-42740",
"url": "https://bugzilla.suse.com/1203287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:38:45Z",
"details": "critical"
}
],
"title": "CVE-2021-42740"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:38:45Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-31129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31129"
}
],
"notes": [
{
"category": "general",
"text": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31129",
"url": "https://www.suse.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "SUSE Bug 1203288 for CVE-2022-31129",
"url": "https://bugzilla.suse.com/1203288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch",
"SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch",
"SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch",
"SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch",
"SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x",
"SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x",
"SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64",
"SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x",
"SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64",
"SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch",
"SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch",
"SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch",
"SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch",
"SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch",
"SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x",
"SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64",
"SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:38:45Z",
"details": "important"
}
],
"title": "CVE-2022-31129"
}
]
}
SUSE-SU-2022:3761-1
Vulnerability from csaf_suse - Published: 2022-10-26 08:58 - Updated: 2022-10-26 08:58Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Severity
Moderate
Notes
Title of the patch: Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch: This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* HTTP API is now fully supported
* Ubuntu 22.04 is now supported as a client
* Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support
* pip support has been added for the Salt Bundle
* Prometheus exporter for Apache has been upgraded to 0.10.0
* CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129
* Bugs mentioned:
bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168
bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629
bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753
bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272
bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728
bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049
bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385
bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484
bsc#1203564, bsc#1203585, bsc#1203611
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129
* Bugs mentioned:
bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788
bsc#1203287, bsc#1203288, bsc#1203585
Patchnames: SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.8 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.2 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
63 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * HTTP API is now fully supported\n * Ubuntu 22.04 is now supported as a client\n * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support\n * pip support has been added for the Salt Bundle \n * Prometheus exporter for Apache has been upgraded to 0.10.0\n * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129\n * Bugs mentioned:\n bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168\n bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629\n bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753\n bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272\n bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728\n bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049\n bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385\n bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484\n bsc#1203564, bsc#1203585, bsc#1203611 \n\nRelease notes for SUSE Manager Proxy:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129\n * Bugs mentioned:\n bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788\n bsc#1203287, bsc#1203288, bsc#1203585 \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3761-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3761-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223761-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3761-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012707.html"
},
{
"category": "self",
"summary": "SUSE Bug 1191857",
"url": "https://bugzilla.suse.com/1191857"
},
{
"category": "self",
"summary": "SUSE Bug 1195624",
"url": "https://bugzilla.suse.com/1195624"
},
{
"category": "self",
"summary": "SUSE Bug 1196729",
"url": "https://bugzilla.suse.com/1196729"
},
{
"category": "self",
"summary": "SUSE Bug 1197027",
"url": "https://bugzilla.suse.com/1197027"
},
{
"category": "self",
"summary": "SUSE Bug 1198168",
"url": "https://bugzilla.suse.com/1198168"
},
{
"category": "self",
"summary": "SUSE Bug 1198903",
"url": "https://bugzilla.suse.com/1198903"
},
{
"category": "self",
"summary": "SUSE Bug 1199726",
"url": "https://bugzilla.suse.com/1199726"
},
{
"category": "self",
"summary": "SUSE Bug 1200480",
"url": "https://bugzilla.suse.com/1200480"
},
{
"category": "self",
"summary": "SUSE Bug 1200573",
"url": "https://bugzilla.suse.com/1200573"
},
{
"category": "self",
"summary": "SUSE Bug 1200629",
"url": "https://bugzilla.suse.com/1200629"
},
{
"category": "self",
"summary": "SUSE Bug 1201210",
"url": "https://bugzilla.suse.com/1201210"
},
{
"category": "self",
"summary": "SUSE Bug 1201220",
"url": "https://bugzilla.suse.com/1201220"
},
{
"category": "self",
"summary": "SUSE Bug 1201260",
"url": "https://bugzilla.suse.com/1201260"
},
{
"category": "self",
"summary": "SUSE Bug 1201589",
"url": "https://bugzilla.suse.com/1201589"
},
{
"category": "self",
"summary": "SUSE Bug 1201626",
"url": "https://bugzilla.suse.com/1201626"
},
{
"category": "self",
"summary": "SUSE Bug 1201753",
"url": "https://bugzilla.suse.com/1201753"
},
{
"category": "self",
"summary": "SUSE Bug 1201788",
"url": "https://bugzilla.suse.com/1201788"
},
{
"category": "self",
"summary": "SUSE Bug 1201913",
"url": "https://bugzilla.suse.com/1201913"
},
{
"category": "self",
"summary": "SUSE Bug 1201918",
"url": "https://bugzilla.suse.com/1201918"
},
{
"category": "self",
"summary": "SUSE Bug 1202271",
"url": "https://bugzilla.suse.com/1202271"
},
{
"category": "self",
"summary": "SUSE Bug 1202272",
"url": "https://bugzilla.suse.com/1202272"
},
{
"category": "self",
"summary": "SUSE Bug 1202367",
"url": "https://bugzilla.suse.com/1202367"
},
{
"category": "self",
"summary": "SUSE Bug 1202455",
"url": "https://bugzilla.suse.com/1202455"
},
{
"category": "self",
"summary": "SUSE Bug 1202464",
"url": "https://bugzilla.suse.com/1202464"
},
{
"category": "self",
"summary": "SUSE Bug 1202602",
"url": "https://bugzilla.suse.com/1202602"
},
{
"category": "self",
"summary": "SUSE Bug 1202728",
"url": "https://bugzilla.suse.com/1202728"
},
{
"category": "self",
"summary": "SUSE Bug 1202729",
"url": "https://bugzilla.suse.com/1202729"
},
{
"category": "self",
"summary": "SUSE Bug 1202805",
"url": "https://bugzilla.suse.com/1202805"
},
{
"category": "self",
"summary": "SUSE Bug 1202899",
"url": "https://bugzilla.suse.com/1202899"
},
{
"category": "self",
"summary": "SUSE Bug 1203026",
"url": "https://bugzilla.suse.com/1203026"
},
{
"category": "self",
"summary": "SUSE Bug 1203049",
"url": "https://bugzilla.suse.com/1203049"
},
{
"category": "self",
"summary": "SUSE Bug 1203056",
"url": "https://bugzilla.suse.com/1203056"
},
{
"category": "self",
"summary": "SUSE Bug 1203169",
"url": "https://bugzilla.suse.com/1203169"
},
{
"category": "self",
"summary": "SUSE Bug 1203287",
"url": "https://bugzilla.suse.com/1203287"
},
{
"category": "self",
"summary": "SUSE Bug 1203288",
"url": "https://bugzilla.suse.com/1203288"
},
{
"category": "self",
"summary": "SUSE Bug 1203385",
"url": "https://bugzilla.suse.com/1203385"
},
{
"category": "self",
"summary": "SUSE Bug 1203406",
"url": "https://bugzilla.suse.com/1203406"
},
{
"category": "self",
"summary": "SUSE Bug 1203422",
"url": "https://bugzilla.suse.com/1203422"
},
{
"category": "self",
"summary": "SUSE Bug 1203449",
"url": "https://bugzilla.suse.com/1203449"
},
{
"category": "self",
"summary": "SUSE Bug 1203478",
"url": "https://bugzilla.suse.com/1203478"
},
{
"category": "self",
"summary": "SUSE Bug 1203484",
"url": "https://bugzilla.suse.com/1203484"
},
{
"category": "self",
"summary": "SUSE Bug 1203564",
"url": "https://bugzilla.suse.com/1203564"
},
{
"category": "self",
"summary": "SUSE Bug 1203585",
"url": "https://bugzilla.suse.com/1203585"
},
{
"category": "self",
"summary": "SUSE Bug 1203611",
"url": "https://bugzilla.suse.com/1203611"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41411 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-42740 page",
"url": "https://www.suse.com/security/cve/CVE-2021-42740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43138 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-0860 page",
"url": "https://www.suse.com/security/cve/CVE-2022-0860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31129 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31129/"
}
],
"title": "Security update for release-notes-susemanager, release-notes-susemanager-proxy",
"tracking": {
"current_release_date": "2022-10-26T08:58:54Z",
"generator": {
"date": "2022-10-26T08:58:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3761-1",
"initial_release_date": "2022-10-26T08:58:54Z",
"revision_history": [
{
"date": "2022-10-26T08:58:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64",
"product": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64",
"product_id": "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64",
"product": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64",
"product_id": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.i586",
"product": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.i586",
"product_id": "release-notes-susemanager-4.3.2-150400.3.15.1.i586"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586",
"product": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586",
"product_id": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"product": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"product_id": "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le",
"product": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le",
"product_id": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"product": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"product_id": "release-notes-susemanager-4.3.2-150400.3.15.1.s390x"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x",
"product": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x",
"product_id": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64",
"product": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64",
"product_id": "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"product": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"product_id": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server 4.3",
"product_id": "SUSE Manager Retail Branch Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Retail Branch Server 4.3",
"product_id": "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64"
},
"product_reference": "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le"
},
"product_reference": "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x"
},
"product_reference": "release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
},
"product_reference": "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41411"
}
],
"notes": [
{
"category": "general",
"text": "drools \u003c=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41411",
"url": "https://www.suse.com/security/cve/CVE-2021-41411"
},
{
"category": "external",
"summary": "SUSE Bug 1200629 for CVE-2021-41411",
"url": "https://bugzilla.suse.com/1200629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-26T08:58:54Z",
"details": "important"
}
],
"title": "CVE-2021-41411"
},
{
"cve": "CVE-2021-42740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-42740"
}
],
"notes": [
{
"category": "general",
"text": "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-42740",
"url": "https://www.suse.com/security/cve/CVE-2021-42740"
},
{
"category": "external",
"summary": "SUSE Bug 1203287 for CVE-2021-42740",
"url": "https://bugzilla.suse.com/1203287"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-26T08:58:54Z",
"details": "critical"
}
],
"title": "CVE-2021-42740"
},
{
"cve": "CVE-2021-43138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43138"
}
],
"notes": [
{
"category": "general",
"text": "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43138",
"url": "https://www.suse.com/security/cve/CVE-2021-43138"
},
{
"category": "external",
"summary": "SUSE Bug 1200480 for CVE-2021-43138",
"url": "https://bugzilla.suse.com/1200480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-26T08:58:54Z",
"details": "important"
}
],
"title": "CVE-2021-43138"
},
{
"cve": "CVE-2022-0860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-0860"
}
],
"notes": [
{
"category": "general",
"text": "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-0860",
"url": "https://www.suse.com/security/cve/CVE-2022-0860"
},
{
"category": "external",
"summary": "SUSE Bug 1197027 for CVE-2022-0860",
"url": "https://bugzilla.suse.com/1197027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-26T08:58:54Z",
"details": "important"
}
],
"title": "CVE-2022-0860"
},
{
"cve": "CVE-2022-31129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31129"
}
],
"notes": [
{
"category": "general",
"text": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31129",
"url": "https://www.suse.com/security/cve/CVE-2022-31129"
},
{
"category": "external",
"summary": "SUSE Bug 1203288 for CVE-2022-31129",
"url": "https://bugzilla.suse.com/1203288"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x",
"SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-10-26T08:58:54Z",
"details": "important"
}
],
"title": "CVE-2022-31129"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…