Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-0767
Vulnerability from cvelistv5
Published
2023-06-02 00:00
Modified
2024-08-02 05:24
Severity ?
EPSS score ?
Summary
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Mozilla | Firefox |
Version: unspecified < 110 |
||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T05:24:34.139Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20230324-0008/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "tags": [ "x_transferred" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "tags": [ "x_transferred" ], "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Firefox", "vendor": "Mozilla", "versions": [ { "lessThan": "110", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Thunderbird", "vendor": "Mozilla", "versions": [ { "lessThan": "102.8", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "Firefox ESR", "vendor": "Mozilla", "versions": [ { "lessThan": "102.8", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8." } ], "problemTypes": [ { "descriptions": [ { "description": "Arbitrary memory write via PKCS 12 in NSS", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-23T00:00:00", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla" }, "references": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" } ] } }, "cveMetadata": { "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2023-0767", "datePublished": "2023-06-02T00:00:00", "dateReserved": "2023-02-09T00:00:00", "dateUpdated": "2024-08-02T05:24:34.139Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-0767\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2023-06-02T17:15:10.440\",\"lastModified\":\"2024-11-21T07:37:46.880\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"110.0\",\"matchCriteriaId\":\"811EBB2F-0FAA-49DB-8B16-99341814C3D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.8\",\"matchCriteriaId\":\"731649BC-CBBC-4423-93E1-577EF7A17DBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"102.8\",\"matchCriteriaId\":\"E7ED1B02-7653-4441-B4F4-980A86C4F170\"}]}]}],\"references\":[{\"url\":\"https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Product\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1804640\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-05/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-06/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-07/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1804640\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230324-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-05/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-06/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2023-07/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
rhsa-2023_1479
Vulnerability from csaf_redhat
Published
2023-03-27 15:14
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.9.0 ESR.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.9.0 ESR.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1479", "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1479.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T22:19:56+00:00", "generator": { "date": "2024-11-22T22:19:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1479", "initial_release_date": "2023-03-27T15:14:31+00:00", "revision_history": [ { "date": "2023-03-27T15:14:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-27T15:14:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.1::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_1.src", "product": { "name": "firefox-0:102.9.0-4.el8_1.src", "product_id": "firefox-0:102.9.0-4.el8_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_1.ppc64le", "product": { "name": "firefox-0:102.9.0-4.el8_1.ppc64le", "product_id": "firefox-0:102.9.0-4.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "product_id": "firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_1?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_1.x86_64", "product": { "name": "firefox-0:102.9.0-4.el8_1.x86_64", "product_id": "firefox-0:102.9.0-4.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_1.x86_64", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_1.x86_64", "product_id": "firefox-debugsource-0:102.9.0-4.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le" }, "product_reference": "firefox-0:102.9.0-4.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_1.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src" }, "product_reference": "firefox-0:102.9.0-4.el8_1.src", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64" }, "product_reference": "firefox-0:102.9.0-4.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T15:14:31+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1479" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.src", "AppStream-8.1.0.Z.E4S:firefox-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
rhsa-2023_1443
Vulnerability from csaf_redhat
Published
2023-03-23 11:18
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.9.0.
Security Fix(es):
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 102.9.0.\n\nSecurity Fix(es):\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1443", "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1443.json" } ], "title": "Red Hat Security Advisory: thunderbird security update", "tracking": { "current_release_date": "2024-11-22T22:19:37+00:00", "generator": { "date": "2024-11-22T22:19:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1443", "initial_release_date": "2023-03-23T11:18:58+00:00", "revision_history": [ { "date": "2023-03-23T11:18:58+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T11:18:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_tus:8.2::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_2.src", "product": { "name": "thunderbird-0:102.9.0-2.el8_2.src", "product_id": "thunderbird-0:102.9.0-2.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_2.x86_64", "product": { "name": "thunderbird-0:102.9.0-2.el8_2.x86_64", "product_id": "thunderbird-0:102.9.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_2.ppc64le", "product": { "name": "thunderbird-0:102.9.0-2.el8_2.ppc64le", "product_id": "thunderbird-0:102.9.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.src as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:18:58+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1443" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.AUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.E4S:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.src", "AppStream-8.2.0.Z.TUS:thunderbird-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debuginfo-0:102.9.0-2.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:thunderbird-debugsource-0:102.9.0-2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
rhsa-2023_1252
Vulnerability from csaf_redhat
Published
2023-03-15 10:00
Modified
2024-11-22 22:17
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1252", "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1252.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:17:54+00:00", "generator": { "date": "2024-11-22T22:17:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1252", "initial_release_date": "2023-03-15T10:00:16+00:00", "revision_history": [ { "date": "2023-03-15T10:00:16+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-15T10:00:16+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:17:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.src", "product": { "name": "nss-0:3.79.0-11.el8_7.src", "product_id": "nss-0:3.79.0-11.el8_7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-devel-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-devel-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-sysinit-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-tools-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-tools-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-util-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-util-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-util-devel-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-debugsource-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_7?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-devel-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-devel-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-tools-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-tools-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-util-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-util-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-0:3.79.0-11.el8_7.i686", "product_id": "nss-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-devel-0:3.79.0-11.el8_7.i686", "product_id": "nss-devel-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-util-0:3.79.0-11.el8_7.i686", "product_id": "nss-util-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_7.i686", "product_id": "nss-util-devel-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_7.i686", "product_id": "nss-debugsource-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_7?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_7?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-devel-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-devel-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-sysinit-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-tools-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-tools-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-util-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-util-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-util-devel-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-debugsource-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-0:3.79.0-11.el8_7.s390x", "product_id": "nss-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-devel-0:3.79.0-11.el8_7.s390x", "product_id": "nss-devel-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_7.s390x", "product_id": "nss-sysinit-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-tools-0:3.79.0-11.el8_7.s390x", "product_id": "nss-tools-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-util-0:3.79.0-11.el8_7.s390x", "product_id": "nss-util-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_7.s390x", "product_id": "nss-util-devel-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_7.s390x", "product_id": "nss-debugsource-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_7?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.src" }, "product_reference": "nss-0:3.79.0-11.el8_7.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-devel-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-devel-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-devel-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-devel-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-tools-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-tools-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-tools-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-util-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-util-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-util-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-util-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-util-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.aarch64" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_7.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_7.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.i686" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_7.i686", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.ppc64le" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.s390x" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_7.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.x86_64" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_7.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.src", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-15T10:00:16+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.src", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1252" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.src", "AppStream-8.7.0.Z.MAIN:nss-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-debugsource-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-11.el8_7.x86_64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.aarch64", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.i686", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.ppc64le", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.s390x", "AppStream-8.7.0.Z.MAIN:nss-util-devel-0:3.79.0-11.el8_7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1436
Vulnerability from csaf_redhat
Published
2023-03-23 09:09
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1436", "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1436.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:19:07+00:00", "generator": { "date": "2024-11-22T22:19:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1436", "initial_release_date": "2023-03-23T09:09:56+00:00", "revision_history": [ { "date": "2023-03-23T09:09:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T09:09:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.1::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-11.el8_1.src", "product": { "name": "nss-0:3.44.0-11.el8_1.src", "product_id": "nss-0:3.44.0-11.el8_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-11.el8_1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-devel-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-devel-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-tools-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-tools-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-util-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-util-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_id": "nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.44.0-11.el8_1?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-0:3.44.0-11.el8_1.i686", "product_id": "nss-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-devel-0:3.44.0-11.el8_1.i686", "product_id": "nss-devel-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-devel-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-util-0:3.44.0-11.el8_1.i686", "product_id": "nss-util-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-util-devel-0:3.44.0-11.el8_1.i686", "product_id": "nss-util-devel-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-debugsource-0:3.44.0-11.el8_1.i686", "product_id": "nss-debugsource-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.44.0-11.el8_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "product": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "product_id": "nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.44.0-11.el8_1?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-devel-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-devel-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-sysinit-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-sysinit-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-tools-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-tools-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-util-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-util-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-util-devel-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-util-devel-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-debugsource-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-debugsource-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "product": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_id": "nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.44.0-11.el8_1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-11.el8_1.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.src" }, "product_reference": "nss-0:3.44.0-11.el8_1.src", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-debugsource-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-debugsource-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-devel-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-devel-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-devel-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-devel-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-sysinit-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-tools-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-tools-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-util-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-util-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-util-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.44.0-11.el8_1.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.i686" }, "product_reference": "nss-util-devel-0:3.44.0-11.el8_1.i686", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.44.0-11.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.ppc64le" }, "product_reference": "nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.44.0-11.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.x86_64" }, "product_reference": "nss-util-devel-0:3.44.0-11.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.src", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T09:09:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.src", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1436" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.src", "AppStream-8.1.0.Z.E4S:nss-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-debugsource-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-softokn-freebl-devel-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-sysinit-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-tools-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-debuginfo-0:3.44.0-11.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.i686", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:nss-util-devel-0:3.44.0-11.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1366
Vulnerability from csaf_redhat
Published
2023-03-21 09:42
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1366", "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1366.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:18:21+00:00", "generator": { "date": "2024-11-22T22:18:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1366", "initial_release_date": "2023-03-21T09:42:24+00:00", "revision_history": [ { "date": "2023-03-21T09:42:24+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-21T09:42:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6 ELS)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-13.el6_10.src", "product": { "name": "nss-0:3.44.0-13.el6_10.src", "product_id": "nss-0:3.44.0-13.el6_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-13.el6_10?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-13.el6_10.s390", "product": { "name": "nss-0:3.44.0-13.el6_10.s390", "product_id": "nss-0:3.44.0-13.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-13.el6_10?arch=s390" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-13.el6_10.s390", "product": { "name": "nss-devel-0:3.44.0-13.el6_10.s390", "product_id": "nss-devel-0:3.44.0-13.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-13.el6_10?arch=s390" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390", "product": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390", "product_id": "nss-debuginfo-0:3.44.0-13.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-13.el6_10?arch=s390" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "product": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "product_id": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.44.0-13.el6_10?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-0:3.44.0-13.el6_10.s390x", "product_id": "nss-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-13.el6_10?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-devel-0:3.44.0-13.el6_10.s390x", "product_id": "nss-devel-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-13.el6_10?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-sysinit-0:3.44.0-13.el6_10.s390x", "product_id": "nss-sysinit-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.44.0-13.el6_10?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-tools-0:3.44.0-13.el6_10.s390x", "product_id": "nss-tools-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.44.0-13.el6_10?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390x", "product_id": "nss-debuginfo-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-13.el6_10?arch=s390x" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "product": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "product_id": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.44.0-13.el6_10?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-13.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-devel-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-devel-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-13.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-sysinit-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-sysinit-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.44.0-13.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-tools-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-tools-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.44.0-13.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-13.el6_10?arch=x86_64" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "product": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "product_id": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.44.0-13.el6_10?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-0:3.44.0-13.el6_10.i686", "product_id": "nss-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.44.0-13.el6_10?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-devel-0:3.44.0-13.el6_10.i686", "product_id": "nss-devel-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.44.0-13.el6_10?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.i686", "product_id": "nss-debuginfo-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.44.0-13.el6_10?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-sysinit-0:3.44.0-13.el6_10.i686", "product_id": "nss-sysinit-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.44.0-13.el6_10?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-tools-0:3.44.0-13.el6_10.i686", "product_id": "nss-tools-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.44.0-13.el6_10?arch=i686" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "product": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "product_id": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.44.0-13.el6_10?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-0:3.44.0-13.el6_10.src" }, "product_reference": "nss-0:3.44.0-13.el6_10.src", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6 ELS)", "product_id": "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.src as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.src" }, "product_reference": "nss-0:3.44.0-13.el6_10.src", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-devel-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-sysinit-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.i686" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.i686", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.s390x" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.s390x", "relates_to_product_reference": "6Server-optional-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.44.0-13.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6 ELS)", "product_id": "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64" }, "product_reference": "nss-tools-0:3.44.0-13.el6_10.x86_64", "relates_to_product_reference": "6Server-optional-ELS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-21T09:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "6Server-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1366" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.src", "6Server-optional-ELS:nss-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-debuginfo-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-pkcs11-devel-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-sysinit-0:3.44.0-13.el6_10.x86_64", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.i686", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.s390x", "6Server-optional-ELS:nss-tools-0:3.44.0-13.el6_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1370
Vulnerability from csaf_redhat
Published
2023-03-21 09:48
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1370", "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1370.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:18:49+00:00", "generator": { "date": "2024-11-22T22:18:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1370", "initial_release_date": "2023-03-21T09:48:20+00:00", "revision_history": [ { "date": "2023-03-21T09:48:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-21T09:48:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.src", "product": { "name": "nss-0:3.67.0-8.el8_4.src", "product_id": "nss-0:3.67.0-8.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-devel-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-devel-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-sysinit-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-sysinit-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-tools-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-tools-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-util-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-util-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-util-devel-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-util-devel-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-debugsource-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-debugsource-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "product": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_id": "nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.67.0-8.el8_4?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-devel-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-devel-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-tools-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-tools-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-util-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-util-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_id": "nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.67.0-8.el8_4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-0:3.67.0-8.el8_4.i686", "product_id": "nss-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-devel-0:3.67.0-8.el8_4.i686", "product_id": "nss-devel-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-devel-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-util-0:3.67.0-8.el8_4.i686", "product_id": "nss-util-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-util-devel-0:3.67.0-8.el8_4.i686", "product_id": "nss-util-devel-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-debugsource-0:3.67.0-8.el8_4.i686", "product_id": "nss-debugsource-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.67.0-8.el8_4?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "product": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "product_id": "nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.67.0-8.el8_4?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-devel-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-devel-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-sysinit-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-sysinit-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-tools-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-tools-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-util-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-util-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-util-devel-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-util-devel-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-debugsource-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-debugsource-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "product": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_id": "nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.67.0-8.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-0:3.67.0-8.el8_4.s390x", "product_id": "nss-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-devel-0:3.67.0-8.el8_4.s390x", "product_id": "nss-devel-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-sysinit-0:3.67.0-8.el8_4.s390x", "product_id": "nss-sysinit-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-tools-0:3.67.0-8.el8_4.s390x", "product_id": "nss-tools-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-util-0:3.67.0-8.el8_4.s390x", "product_id": "nss-util-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-util-devel-0:3.67.0-8.el8_4.s390x", "product_id": "nss-util-devel-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-debugsource-0:3.67.0-8.el8_4.s390x", "product_id": "nss-debugsource-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.67.0-8.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "product": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "product_id": "nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.67.0-8.el8_4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.src" }, "product_reference": "nss-0:3.67.0-8.el8_4.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-debugsource-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-debugsource-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-debugsource-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-debugsource-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-devel-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-devel-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-devel-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-devel-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-devel-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-devel-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-sysinit-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-sysinit-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-sysinit-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-tools-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-tools-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-tools-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-tools-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-util-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-util-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-util-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-util-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-util-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.67.0-8.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.aarch64" }, "product_reference": "nss-util-devel-0:3.67.0-8.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.67.0-8.el8_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.i686" }, "product_reference": "nss-util-devel-0:3.67.0-8.el8_4.i686", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.67.0-8.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.ppc64le" }, "product_reference": "nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.67.0-8.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.s390x" }, "product_reference": "nss-util-devel-0:3.67.0-8.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.67.0-8.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.x86_64" }, "product_reference": "nss-util-devel-0:3.67.0-8.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.src", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-21T09:48:20+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.src", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1370" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.src", "AppStream-8.4.0.Z.EUS:nss-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-debugsource-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-softokn-freebl-devel-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-sysinit-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-tools-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-debuginfo-0:3.67.0-8.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.i686", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.s390x", "AppStream-8.4.0.Z.EUS:nss-util-devel-0:3.67.0-8.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1472
Vulnerability from csaf_redhat
Published
2023-03-27 08:20
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.9.0.
Security Fix(es):
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 102.9.0.\n\nSecurity Fix(es):\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1472", "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1472.json" } ], "title": "Red Hat Security Advisory: thunderbird security update", "tracking": { "current_release_date": "2024-11-22T22:19:46+00:00", "generator": { "date": "2024-11-22T22:19:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1472", "initial_release_date": "2023-03-27T08:20:12+00:00", "revision_history": [ { "date": "2023-03-27T08:20:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-27T08:20:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_4.src", "product": { "name": "thunderbird-0:102.9.0-2.el8_4.src", "product_id": "thunderbird-0:102.9.0-2.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_4.aarch64", "product": { "name": "thunderbird-0:102.9.0-2.el8_4.aarch64", "product_id": "thunderbird-0:102.9.0-2.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_4?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_4.ppc64le", "product": { "name": "thunderbird-0:102.9.0-2.el8_4.ppc64le", "product_id": "thunderbird-0:102.9.0-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_4.x86_64", "product": { "name": "thunderbird-0:102.9.0-2.el8_4.x86_64", "product_id": "thunderbird-0:102.9.0-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_4.s390x", "product": { "name": "thunderbird-0:102.9.0-2.el8_4.s390x", "product_id": "thunderbird-0:102.9.0-2.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le" }, "product_reference": "thunderbird-0:102.9.0-2.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x" }, "product_reference": "thunderbird-0:102.9.0-2.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src" }, "product_reference": "thunderbird-0:102.9.0-2.el8_4.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-27T08:20:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1472" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.src", "AppStream-8.4.0.Z.EUS:thunderbird-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debuginfo-0:102.9.0-2.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.s390x", "AppStream-8.4.0.Z.EUS:thunderbird-debugsource-0:102.9.0-2.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
rhsa-2023_1365
Vulnerability from csaf_redhat
Published
2023-03-21 08:20
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security and bug fix update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
Bug Fix(es):
* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177435)
* Need to update FIPS review comments into NSS RHEL-9. (BZ#2177876)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nBug Fix(es):\n\n* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177435)\n\n* Need to update FIPS review comments into NSS RHEL-9. (BZ#2177876)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1365", "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "2177435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177435" }, { "category": "external", "summary": "2177876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177876" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1365.json" } ], "title": "Red Hat Security Advisory: nss security and bug fix update", "tracking": { "current_release_date": "2024-11-22T22:18:13+00:00", "generator": { "date": "2024-11-22T22:18:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1365", "initial_release_date": "2023-03-21T08:20:55+00:00", "revision_history": [ { "date": "2023-03-21T08:20:55+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-21T08:20:55+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:9.0::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_0.aarch64", "product": { "name": "nspr-0:4.34.0-17.el9_0.aarch64", "product_id": "nspr-0:4.34.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_0.aarch64", "product": { "name": "nspr-devel-0:4.34.0-17.el9_0.aarch64", "product_id": "nspr-devel-0:4.34.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-devel-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-devel-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-sysinit-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-tools-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-tools-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-util-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-util-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-util-devel-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-debugsource-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_0?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_0.ppc64le", "product": { "name": "nspr-0:4.34.0-17.el9_0.ppc64le", "product_id": "nspr-0:4.34.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_0.ppc64le", "product": { "name": "nspr-devel-0:4.34.0-17.el9_0.ppc64le", "product_id": "nspr-devel-0:4.34.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-devel-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-devel-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-tools-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-tools-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-util-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-util-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_0?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_0.i686", "product": { "name": "nspr-0:4.34.0-17.el9_0.i686", "product_id": "nspr-0:4.34.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_0.i686", "product": { "name": "nspr-devel-0:4.34.0-17.el9_0.i686", "product_id": "nspr-devel-0:4.34.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-0:3.79.0-17.el9_0.i686", "product_id": "nss-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-devel-0:3.79.0-17.el9_0.i686", "product_id": "nss-devel-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-util-0:3.79.0-17.el9_0.i686", "product_id": "nss-util-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_0.i686", "product_id": "nss-util-devel-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_0.i686", "product_id": "nss-debugsource-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_0.i686", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.i686", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_0?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_0?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_0.x86_64", "product": { "name": "nspr-0:4.34.0-17.el9_0.x86_64", "product_id": "nspr-0:4.34.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_0.x86_64", "product": { "name": "nspr-devel-0:4.34.0-17.el9_0.x86_64", "product_id": "nspr-devel-0:4.34.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-devel-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-devel-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-sysinit-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-tools-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-tools-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-util-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-util-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-util-devel-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-debugsource-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_0?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_0.s390x", "product": { "name": "nspr-0:4.34.0-17.el9_0.s390x", "product_id": "nspr-0:4.34.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_0.s390x", "product": { "name": "nspr-devel-0:4.34.0-17.el9_0.s390x", "product_id": "nspr-devel-0:4.34.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-0:3.79.0-17.el9_0.s390x", "product_id": "nss-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-devel-0:3.79.0-17.el9_0.s390x", "product_id": "nss-devel-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_0.s390x", "product_id": "nss-sysinit-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-tools-0:3.79.0-17.el9_0.s390x", "product_id": "nss-tools-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-util-0:3.79.0-17.el9_0.s390x", "product_id": "nss-util-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_0.s390x", "product_id": "nss-util-devel-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_0.s390x", "product_id": "nss-debugsource-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_0?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_0?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-17.el9_0.src", "product": { "name": "nss-0:3.79.0-17.el9_0.src", "product_id": "nss-0:3.79.0-17.el9_0.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_0?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.aarch64" }, "product_reference": "nspr-0:4.34.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.i686" }, "product_reference": "nspr-0:4.34.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.ppc64le" }, "product_reference": "nspr-0:4.34.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.s390x" }, "product_reference": "nspr-0:4.34.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.x86_64" }, "product_reference": "nspr-0:4.34.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.aarch64" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.i686" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.s390x" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.x86_64" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.aarch64" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.i686" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.ppc64le" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.s390x" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.x86_64" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.src" }, "product_reference": "nss-0:3.79.0-17.el9_0.src", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-devel-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-devel-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-devel-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-devel-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-tools-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-tools-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-tools-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-util-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-util-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-util-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-util-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-util-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.aarch64" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_0.aarch64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_0.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.i686" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_0.i686", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.ppc64le" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.s390x" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_0.s390x", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.0)", "product_id": "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.x86_64" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_0.x86_64", "relates_to_product_reference": "AppStream-9.0.0.Z.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.src", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-21T08:20:55+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.src", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1365" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-debuginfo-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nspr-devel-0:4.34.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.src", "AppStream-9.0.0.Z.EUS:nss-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-debugsource-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-debuginfo-0:3.79.0-17.el9_0.x86_64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.aarch64", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.i686", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.ppc64le", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.s390x", "AppStream-9.0.0.Z.EUS:nss-util-devel-0:3.79.0-17.el9_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1369
Vulnerability from csaf_redhat
Published
2023-03-21 09:48
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1369", "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1369.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:18:30+00:00", "generator": { "date": "2024-11-22T22:18:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1369", "initial_release_date": "2023-03-21T09:48:38+00:00", "revision_history": [ { "date": "2023-03-21T09:48:38+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-21T09:48:38+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.src", "product": { "name": "nss-0:3.79.0-11.el8_6.src", "product_id": "nss-0:3.79.0-11.el8_6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-devel-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-devel-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-sysinit-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-tools-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-tools-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-util-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-util-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-util-devel-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-debugsource-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_6?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-devel-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-devel-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-tools-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-tools-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-util-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-util-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_6?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-0:3.79.0-11.el8_6.i686", "product_id": "nss-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-devel-0:3.79.0-11.el8_6.i686", "product_id": "nss-devel-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-util-0:3.79.0-11.el8_6.i686", "product_id": "nss-util-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_6.i686", "product_id": "nss-util-devel-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_6.i686", "product_id": "nss-debugsource-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_6?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_6?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-devel-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-devel-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-sysinit-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-tools-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-tools-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-util-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-util-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-util-devel-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-debugsource-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-0:3.79.0-11.el8_6.s390x", "product_id": "nss-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-devel-0:3.79.0-11.el8_6.s390x", "product_id": "nss-devel-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-sysinit-0:3.79.0-11.el8_6.s390x", "product_id": "nss-sysinit-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-tools-0:3.79.0-11.el8_6.s390x", "product_id": "nss-tools-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-util-0:3.79.0-11.el8_6.s390x", "product_id": "nss-util-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-util-devel-0:3.79.0-11.el8_6.s390x", "product_id": "nss-util-devel-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-debugsource-0:3.79.0-11.el8_6.s390x", "product_id": "nss-debugsource-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-11.el8_6?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "product": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "product_id": "nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-11.el8_6?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.src" }, "product_reference": "nss-0:3.79.0-11.el8_6.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-debugsource-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-devel-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-devel-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-devel-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-devel-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-tools-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-tools-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-tools-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-util-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-util-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-util-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-util-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-util-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.aarch64" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_6.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_6.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.i686" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_6.i686", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.ppc64le" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.s390x" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_6.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-11.el8_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.x86_64" }, "product_reference": "nss-util-devel-0:3.79.0-11.el8_6.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.src", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-21T09:48:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.src", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1369" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.src", "AppStream-8.6.0.Z.EUS:nss-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-debugsource-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-softokn-freebl-devel-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-sysinit-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-tools-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-debuginfo-0:3.79.0-11.el8_6.x86_64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.aarch64", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.i686", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.ppc64le", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.s390x", "AppStream-8.6.0.Z.EUS:nss-util-devel-0:3.79.0-11.el8_6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1368
Vulnerability from csaf_redhat
Published
2023-03-21 09:41
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security and bug fix update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
Bug Fix(es):
* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177434)
* Need to update FIPS review comments into NSS RHEL-9. (BZ#2177875)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nBug Fix(es):\n\n* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177434)\n\n* Need to update FIPS review comments into NSS RHEL-9. (BZ#2177875)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1368", "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "2177434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177434" }, { "category": "external", "summary": "2177875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177875" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1368.json" } ], "title": "Red Hat Security Advisory: nss security and bug fix update", "tracking": { "current_release_date": "2024-11-22T22:18:40+00:00", "generator": { "date": "2024-11-22T22:18:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1368", "initial_release_date": "2023-03-21T09:41:06+00:00", "revision_history": [ { "date": "2023-03-21T09:41:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-21T09:41:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_1.aarch64", "product": { "name": "nspr-0:4.34.0-17.el9_1.aarch64", "product_id": "nspr-0:4.34.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_1.aarch64", "product": { "name": "nspr-devel-0:4.34.0-17.el9_1.aarch64", "product_id": "nspr-devel-0:4.34.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-devel-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-devel-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-sysinit-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-tools-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-tools-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-util-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-util-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-util-devel-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-debugsource-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_1?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_1.ppc64le", "product": { "name": "nspr-0:4.34.0-17.el9_1.ppc64le", "product_id": "nspr-0:4.34.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_1.ppc64le", "product": { "name": "nspr-devel-0:4.34.0-17.el9_1.ppc64le", "product_id": "nspr-devel-0:4.34.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-devel-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-devel-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-tools-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-tools-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-util-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-util-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_1?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_1.i686", "product": { "name": "nspr-0:4.34.0-17.el9_1.i686", "product_id": "nspr-0:4.34.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_1.i686", "product": { "name": "nspr-devel-0:4.34.0-17.el9_1.i686", "product_id": "nspr-devel-0:4.34.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-0:3.79.0-17.el9_1.i686", "product_id": "nss-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-devel-0:3.79.0-17.el9_1.i686", "product_id": "nss-devel-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-util-0:3.79.0-17.el9_1.i686", "product_id": "nss-util-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_1.i686", "product_id": "nss-util-devel-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_1.i686", "product_id": "nss-debugsource-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_1.i686", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.i686", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_1?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_1?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_1.x86_64", "product": { "name": "nspr-0:4.34.0-17.el9_1.x86_64", "product_id": "nspr-0:4.34.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_1.x86_64", "product": { "name": "nspr-devel-0:4.34.0-17.el9_1.x86_64", "product_id": "nspr-devel-0:4.34.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-devel-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-devel-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-sysinit-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-tools-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-tools-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-util-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-util-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-util-devel-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-debugsource-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nspr-0:4.34.0-17.el9_1.s390x", "product": { "name": "nspr-0:4.34.0-17.el9_1.s390x", "product_id": "nspr-0:4.34.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr@4.34.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nspr-devel-0:4.34.0-17.el9_1.s390x", "product": { "name": "nspr-devel-0:4.34.0-17.el9_1.s390x", "product_id": "nspr-devel-0:4.34.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-devel@4.34.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-0:3.79.0-17.el9_1.s390x", "product_id": "nss-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-devel-0:3.79.0-17.el9_1.s390x", "product_id": "nss-devel-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-sysinit-0:3.79.0-17.el9_1.s390x", "product_id": "nss-sysinit-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-tools-0:3.79.0-17.el9_1.s390x", "product_id": "nss-tools-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-util-0:3.79.0-17.el9_1.s390x", "product_id": "nss-util-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-util-devel-0:3.79.0-17.el9_1.s390x", "product_id": "nss-util-devel-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-debugsource-0:3.79.0-17.el9_1.s390x", "product_id": "nss-debugsource-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "product": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "product_id": "nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nspr-debuginfo@4.34.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.79.0-17.el9_1?arch=s390x" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "product": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "product_id": "nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.79.0-17.el9_1?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-17.el9_1.src", "product": { "name": "nss-0:3.79.0-17.el9_1.src", "product_id": "nss-0:3.79.0-17.el9_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-17.el9_1?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.aarch64" }, "product_reference": "nspr-0:4.34.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.i686" }, "product_reference": "nspr-0:4.34.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.ppc64le" }, "product_reference": "nspr-0:4.34.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.s390x" }, "product_reference": "nspr-0:4.34.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-0:4.34.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.x86_64" }, "product_reference": "nspr-0:4.34.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.aarch64" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.i686" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.s390x" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-debuginfo-0:4.34.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.x86_64" }, "product_reference": "nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.aarch64" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.i686" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.ppc64le" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.s390x" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nspr-devel-0:4.34.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.x86_64" }, "product_reference": "nspr-devel-0:4.34.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.src" }, "product_reference": "nss-0:3.79.0-17.el9_1.src", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-debugsource-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-devel-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-devel-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-devel-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-devel-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-tools-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-tools-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-tools-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-util-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-util-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-util-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-util-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-util-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.aarch64" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_1.aarch64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.i686" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_1.i686", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.ppc64le" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.s390x" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_1.s390x", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.79.0-17.el9_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", "product_id": "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.x86_64" }, "product_reference": "nss-util-devel-0:3.79.0-17.el9_1.x86_64", "relates_to_product_reference": "AppStream-9.1.0.Z.MAIN" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.src", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-21T09:41:06+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.src", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1368" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-debuginfo-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nspr-devel-0:4.34.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.src", "AppStream-9.1.0.Z.MAIN:nss-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-debugsource-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-softokn-freebl-devel-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-sysinit-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-tools-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-debuginfo-0:3.79.0-17.el9_1.x86_64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.aarch64", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.i686", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.ppc64le", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.s390x", "AppStream-9.1.0.Z.MAIN:nss-util-devel-0:3.79.0-17.el9_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1332
Vulnerability from csaf_redhat
Published
2023-03-20 09:35
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1332", "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1332.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:18:04+00:00", "generator": { "date": "2024-11-22T22:18:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1332", "initial_release_date": "2023-03-20T09:35:05+00:00", "revision_history": [ { "date": "2023-03-20T09:35:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-20T09:35:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Client (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.src", "product": { "name": "nss-0:3.79.0-5.el7_9.src", "product_id": "nss-0:3.79.0-5.el7_9.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.i686", "product": { "name": "nss-0:3.79.0-5.el7_9.i686", "product_id": "nss-0:3.79.0-5.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.i686", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.i686", "product_id": "nss-devel-0:3.79.0-5.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=i686" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-5.el7_9?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-tools-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-5.el7_9?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-devel-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=x86_64" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.ppc", "product": { "name": "nss-0:3.79.0-5.el7_9.ppc", "product_id": "nss-0:3.79.0-5.el7_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=ppc" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.ppc", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc", "product_id": "nss-devel-0:3.79.0-5.el7_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=ppc" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=ppc" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=ppc" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=ppc64" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-devel-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=ppc64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-5.el7_9?arch=ppc64" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-tools-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-5.el7_9?arch=ppc64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=ppc64" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.s390", "product": { "name": "nss-0:3.79.0-5.el7_9.s390", "product_id": "nss-0:3.79.0-5.el7_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=s390" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.s390", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.s390", "product_id": "nss-devel-0:3.79.0-5.el7_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=s390" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=s390" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=s390" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-0:3.79.0-5.el7_9.s390x", "product_id": "nss-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=s390x" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x", "product_id": "nss-devel-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=s390x" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "product_id": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-5.el7_9?arch=s390x" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x", "product_id": "nss-tools-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-5.el7_9?arch=s390x" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=s390x" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.79.0-5.el7_9?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.79.0-5.el7_9?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.79.0-5.el7_9?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.79.0-5.el7_9?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.79.0-5.el7_9?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "product": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "product_id": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-pkcs11-devel@3.79.0-5.el7_9?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", "product_id": "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", "product_id": "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Client-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", "product_id": "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7ComputeNode-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", "product_id": "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Server-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src" }, "product_reference": "nss-0:3.79.0-5.el7_9.src", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-sysinit-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.ppc64le", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.s390x", "relates_to_product_reference": "7Workstation-optional-7.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.79.0-5.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", "product_id": "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" }, "product_reference": "nss-tools-0:3.79.0-5.el7_9.x86_64", "relates_to_product_reference": "7Workstation-optional-7.9.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-20T09:35:05+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1332" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Client-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Client-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7ComputeNode-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7ComputeNode-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Server-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Server-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.src", "7Workstation-optional-7.9.Z:nss-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-debuginfo-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.i686", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-pkcs11-devel-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-sysinit-0:3.79.0-5.el7_9.x86_64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.ppc64le", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.s390x", "7Workstation-optional-7.9.Z:nss-tools-0:3.79.0-5.el7_9.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1442
Vulnerability from csaf_redhat
Published
2023-03-23 11:10
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.9.0.
Security Fix(es):
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 102.9.0.\n\nSecurity Fix(es):\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1442", "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1442.json" } ], "title": "Red Hat Security Advisory: thunderbird security update", "tracking": { "current_release_date": "2024-11-22T22:19:16+00:00", "generator": { "date": "2024-11-22T22:19:16+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1442", "initial_release_date": "2023-03-23T11:10:39+00:00", "revision_history": [ { "date": "2023-03-23T11:10:39+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T11:10:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:16+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.1::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_1.src", "product": { "name": "thunderbird-0:102.9.0-2.el8_1.src", "product_id": "thunderbird-0:102.9.0-2.el8_1.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_1?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_1.ppc64le", "product": { "name": "thunderbird-0:102.9.0-2.el8_1.ppc64le", "product_id": "thunderbird-0:102.9.0-2.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_1?arch=ppc64le" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_1?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "thunderbird-0:102.9.0-2.el8_1.x86_64", "product": { "name": "thunderbird-0:102.9.0-2.el8_1.x86_64", "product_id": "thunderbird-0:102.9.0-2.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird@102.9.0-2.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64", "product": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64", "product_id": "thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debugsource@102.9.0-2.el8_1?arch=x86_64" } } }, { "category": "product_version", "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "product": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "product_id": "thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/thunderbird-debuginfo@102.9.0-2.el8_1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le" }, "product_reference": "thunderbird-0:102.9.0-2.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_1.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src" }, "product_reference": "thunderbird-0:102.9.0-2.el8_1.src", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-0:102.9.0-2.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64" }, "product_reference": "thunderbird-0:102.9.0-2.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64" }, "product_reference": "thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.1)", "product_id": "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" }, "product_reference": "thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64", "relates_to_product_reference": "AppStream-8.1.0.Z.E4S" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:10:39+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.", "product_ids": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1442" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.src", "AppStream-8.1.0.Z.E4S:thunderbird-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debuginfo-0:102.9.0-2.el8_1.x86_64", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.ppc64le", "AppStream-8.1.0.Z.E4S:thunderbird-debugsource-0:102.9.0-2.el8_1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
rhsa-2023_1677
Vulnerability from csaf_redhat
Published
2023-04-10 02:03
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)
Notes
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* git: gitattributes parsing integer overflow (CVE-2022-23521)
* git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)
* ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
* kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks. \n\nThe ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* git: gitattributes parsing integer overflow (CVE-2022-23521)\n\n* git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)\n\n* ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)\n\n* kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1677", "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2159505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159505" }, { "category": "external", "summary": "2162055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162055" }, { "category": "external", "summary": "2162056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162056" }, { "category": "external", "summary": "2163379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163379" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1677.json" } ], "title": "Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)", "tracking": { "current_release_date": "2024-11-22T22:18:52+00:00", "generator": { "date": "2024-11-22T22:18:52+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1677", "initial_release_date": "2023-04-10T02:03:40+00:00", "revision_history": [ { "date": "2023-04-10T02:03:40+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-04-10T02:03:40+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:52+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product": { "name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8" } } }, { "category": "product_name", "name": "Red Hat Virtualization 4 Hypervisor for RHEL 8", "product": { "name": "Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "product": { "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "product_id": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.5.3-6.el8ev?arch=src" } } }, { "category": "product_version", "name": "redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "product": { "name": "redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "product_id": "redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host@4.5.3-202304051438_8.6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "product": { "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "product_id": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.5.3-6.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "product": { "name": "redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "product_id": "redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host-content@4.5.3-6.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "product": { "name": "redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "product_id": "redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.5.3-202304051438_8.6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch", "product": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch", "product_id": "redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.5.3-6.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-0:4.5.3-202304051438_8.6.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src" }, "product_reference": "redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "relates_to_product_reference": "8Base-RHV-Hypervisor-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" }, "product_reference": "redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "relates_to_product_reference": "8Base-RHV-Hypervisor-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src" }, "product_reference": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64" }, "product_reference": "redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64" }, "product_reference": "redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" }, "product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-23521", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2023-01-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2162055" } ], "notes": [ { "category": "description", "text": "A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, or declared attribute names. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index, or both. This integer overflow can result in arbitrary heap reads and writes, which may allow remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "git: gitattributes parsing integer overflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23521" }, { "category": "external", "summary": "RHBZ#2162055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23521", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23521" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23521", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23521" }, { "category": "external", "summary": "https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/", "url": "https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/" }, { "category": "external", "summary": "https://github.com/git/git/files/10430260/X41-OSTIF-Gitlab-Git-Security-Audit-20230117-public.pdf", "url": "https://github.com/git/git/files/10430260/X41-OSTIF-Gitlab-Git-Security-Audit-20230117-public.pdf" }, { "category": "external", "summary": "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89", "url": "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2023/01/17/4", "url": "https://www.openwall.com/lists/oss-security/2023/01/17/4" } ], "release_date": "2023-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-10T02:03:40+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1677" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "git: gitattributes parsing integer overflow" }, { "cve": "CVE-2022-41903", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2023-01-18T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2162056" } ], "notes": [ { "category": "description", "text": "A flaw was found in Git, a distributed revision control system. This issue occurs due to an integer overflow in `pretty.c::format_and_pad_commit()`, where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through the git archive via the export-subst mechanism, which expands format specifiers inside files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may allow arbitrary code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "git: Heap overflow in `git archive`, `git log --format` leading to RCE", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41903" }, { "category": "external", "summary": "RHBZ#2162056", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2162056" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41903", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41903" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41903", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41903" }, { "category": "external", "summary": "https://github.com/git/git/files/10430260/X41-OSTIF-Gitlab-Git-Security-Audit-20230117-public.pdf", "url": "https://github.com/git/git/files/10430260/X41-OSTIF-Gitlab-Git-Security-Audit-20230117-public.pdf" }, { "category": "external", "summary": "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq", "url": "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2023/01/17/4", "url": "https://www.openwall.com/lists/oss-security/2023/01/17/4" } ], "release_date": "2023-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-10T02:03:40+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1677" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "git: Heap overflow in `git archive`, `git log --format` leading to RCE" }, { "cve": "CVE-2023-0266", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2023-01-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2163379" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem.", "title": "Vulnerability description" }, { "category": "summary", "text": "ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0266" }, { "category": "external", "summary": "RHBZ#2163379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163379" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0266", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0266" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0266", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0266" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56b88b50565cd8b946a2d00b0c83927b7ebb055e", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56b88b50565cd8b946a2d00b0c83927b7ebb055e" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2023-01-13T06:30:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-10T02:03:40+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "category": "workaround", "details": "To mitigate this issue, skip loading (blacklist) the affected soundcard using modules like:\n\nblacklist soundcore\nblacklist snd\nblacklist snd_pcm\nblacklist snd_hda_codec_hdmi\nblacklist snd_hda_codec_realtek\nblacklist snd_hda_codec_generic\nblacklist snd_hda_intel\nblacklist snd_hda_codec\nblacklist snd_hda_core\nblacklist snd_hwdep\nblacklist snd_timer\n \nonto the system till we have a fix available. \n\nThis can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2023-03-30T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF" }, { "acknowledgments": [ { "names": [ "The D. E. Shaw Group" ] } ], "cve": "CVE-2023-0386", "cwe": { "id": "CWE-282", "name": "Improper Ownership Management" }, "discovery_date": "2022-12-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2159505" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel\u2019s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: FUSE filesystem low-privileged user privileges escalation", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat Enterprise Linux 8.4 and before not affected, because the patch that introduced the bug exists starting from 8.6.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0386" }, { "category": "external", "summary": "RHBZ#2159505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2159505" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0386", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0386" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0386", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0386" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a" } ], "release_date": "2023-01-24T10:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-10T02:03:40+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "category": "workaround", "details": "To mitigate this issue, prevent the module overlay from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: FUSE filesystem low-privileged user privileges escalation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.5.3-6.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.5.3-6.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-10T02:03:40+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1677" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.5.3-202304051438_8.6.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.5.3-202304051438_8.6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1444
Vulnerability from csaf_redhat
Published
2023-03-23 11:32
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.9.0 ESR.
Security Fix(es):
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.9.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1444", "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1444.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T22:19:29+00:00", "generator": { "date": "2024-11-22T22:19:29+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1444", "initial_release_date": "2023-03-23T11:32:26+00:00", "revision_history": [ { "date": "2023-03-23T11:32:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T11:32:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_4.src", "product": { "name": "firefox-0:102.9.0-4.el8_4.src", "product_id": "firefox-0:102.9.0-4.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_4.aarch64", "product": { "name": "firefox-0:102.9.0-4.el8_4.aarch64", "product_id": "firefox-0:102.9.0-4.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "product_id": "firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_4?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_4.ppc64le", "product": { "name": "firefox-0:102.9.0-4.el8_4.ppc64le", "product_id": "firefox-0:102.9.0-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "product_id": "firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_4.x86_64", "product": { "name": "firefox-0:102.9.0-4.el8_4.x86_64", "product_id": "firefox-0:102.9.0-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_4.x86_64", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.x86_64", "product_id": "firefox-debugsource-0:102.9.0-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_4.s390x", "product": { "name": "firefox-0:102.9.0-4.el8_4.s390x", "product_id": "firefox-0:102.9.0-4.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_4.s390x", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.s390x", "product_id": "firefox-debugsource-0:102.9.0-4.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64" }, "product_reference": "firefox-0:102.9.0-4.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le" }, "product_reference": "firefox-0:102.9.0-4.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x" }, "product_reference": "firefox-0:102.9.0-4.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src" }, "product_reference": "firefox-0:102.9.0-4.el8_4.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64" }, "product_reference": "firefox-0:102.9.0-4.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_4.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_4.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:32:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.src", "AppStream-8.4.0.Z.EUS:firefox-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debuginfo-0:102.9.0-4.el8_4.x86_64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.aarch64", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.ppc64le", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.s390x", "AppStream-8.4.0.Z.EUS:firefox-debugsource-0:102.9.0-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
rhsa-2023_1406
Vulnerability from csaf_redhat
Published
2023-03-22 10:40
Modified
2024-11-22 22:18
Summary
Red Hat Security Advisory: nss security update
Notes
Topic
An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.
Security Fix(es):
* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for nss is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.\n\nSecurity Fix(es):\n\n* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1406", "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1406.json" } ], "title": "Red Hat Security Advisory: nss security update", "tracking": { "current_release_date": "2024-11-22T22:18:58+00:00", "generator": { "date": "2024-11-22T22:18:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1406", "initial_release_date": "2023-03-22T10:40:32+00:00", "revision_history": [ { "date": "2023-03-22T10:40:32+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-22T10:40:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:18:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_tus:8.2::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.53.1-13.el8_2.src", "product": { "name": "nss-0:3.53.1-13.el8_2.src", "product_id": "nss-0:3.53.1-13.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-13.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-0:3.53.1-13.el8_2.i686", "product_id": "nss-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-devel-0:3.53.1-13.el8_2.i686", "product_id": "nss-devel-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-util-0:3.53.1-13.el8_2.i686", "product_id": "nss-util-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-util-devel-0:3.53.1-13.el8_2.i686", "product_id": "nss-util-devel-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-debugsource-0:3.53.1-13.el8_2.i686", "product_id": "nss-debugsource-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-13.el8_2?arch=i686" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "product": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "product_id": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-13.el8_2?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-devel-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-devel-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-tools-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-tools-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-util-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-util-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "product": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_id": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-13.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nss-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-devel-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-devel-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-devel-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-devel@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-devel@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-devel@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-tools-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-tools-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-util-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-util-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-devel@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debugsource@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-softokn-freebl-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-sysinit-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-tools-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_id": "nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nss-util-debuginfo@3.53.1-13.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.src" }, "product_reference": "nss-0:3.53.1-13.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-tools-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.src" }, "product_reference": "nss-0:3.53.1-13.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-tools-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.ppc64le" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.src as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.src" }, "product_reference": "nss-0:3.53.1-13.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-debugsource-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-debugsource-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-tools-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.i686" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "nss-util-devel-0:3.53.1-13.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64" }, "product_reference": "nss-util-devel-0:3.53.1-13.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-22T10:40:32+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1406" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.AUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.AUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.E4S:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:nss-util-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.src", "AppStream-8.2.0.Z.TUS:nss-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-debugsource-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-softokn-freebl-devel-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-sysinit-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-tools-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-debuginfo-0:3.53.1-13.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.i686", "AppStream-8.2.0.Z.TUS:nss-util-devel-0:3.53.1-13.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" } ] }
rhsa-2023_1445
Vulnerability from csaf_redhat
Published
2023-03-23 11:20
Modified
2024-11-22 22:19
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 102.9.0 ESR.
Security Fix(es):
* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)
* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)
* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)
* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)
* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 102.9.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751)\n\n* Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176)\n\n* Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752)\n\n* Mozilla: Invalid downcast in Worklets (CVE-2023-28162)\n\n* Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1445", "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1445.json" } ], "title": "Red Hat Security Advisory: firefox security update", "tracking": { "current_release_date": "2024-11-22T22:19:20+00:00", "generator": { "date": "2024-11-22T22:19:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2023:1445", "initial_release_date": "2023-03-23T11:20:26+00:00", "revision_history": [ { "date": "2023-03-23T11:20:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T11:20:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T22:19:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_e4s:8.2::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_tus:8.2::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_2.src", "product": { "name": "firefox-0:102.9.0-4.el8_2.src", "product_id": "firefox-0:102.9.0-4.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_2.x86_64", "product": { "name": "firefox-0:102.9.0-4.el8_2.x86_64", "product_id": "firefox-0:102.9.0-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "product_id": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "firefox-0:102.9.0-4.el8_2.ppc64le", "product": { "name": "firefox-0:102.9.0-4.el8_2.ppc64le", "product_id": "firefox-0:102.9.0-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox@102.9.0-4.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "product": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "product_id": "firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debugsource@102.9.0-4.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "product": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "product_id": "firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/firefox-debuginfo@102.9.0-4.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src" }, "product_reference": "firefox-0:102.9.0-4.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.AUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le" }, "product_reference": "firefox-0:102.9.0-4.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src" }, "product_reference": "firefox-0:102.9.0-4.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.2)", "product_id": "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.src as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src" }, "product_reference": "firefox-0:102.9.0-4.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" }, { "category": "default_component_of", "full_product_name": { "name": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" }, "product_reference": "firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.TUS" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Christian Holler" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-0767", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170377" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nAn attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.", "title": "Vulnerability description" }, { "category": "summary", "text": "nss: Arbitrary memory write via PKCS 12", "title": "Vulnerability summary" }, { "category": "other", "text": "Firefox and Thunderbird in Red Hat Enterprise Linux 8.6 and later are not affected by this vulnerability, as they use the system NSS library. Firefox and Thunderbird in earlier Red Hat Enterprise Linux 8 extended life streams were affected, and should be updated to fixed versions as they become available.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-0767" }, { "category": "external", "summary": "RHBZ#2170377", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-0767", "url": "https://www.cve.org/CVERecord?id=CVE-2023-0767" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767" } ], "release_date": "2023-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nss: Arbitrary memory write via PKCS 12" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25751", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178458" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of invalidating JIT code while following an iterator. The newly generated code could be overwritten incorrectly, leading to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Incorrect code generation during JIT compilation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25751" }, { "category": "external", "summary": "RHBZ#2178458", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25751", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25751" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25751" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25751" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Incorrect code generation during JIT compilation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Ronald Crane" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-25752", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178460" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when accessing throttled streams, the count of available bytes needs to be checked in the calling function to be within bounds. This may have led future code to be incorrect and vulnerable.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Potential out-of-bounds when accessing throttled streams", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-25752" }, { "category": "external", "summary": "RHBZ#2178460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-25752", "url": "https://www.cve.org/CVERecord?id=CVE-2023-25752" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-25752" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-25752" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Potential out-of-bounds when accessing throttled streams" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Lukas Bernhard" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28162", "cwe": { "id": "CWE-704", "name": "Incorrect Type Conversion or Cast" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178466" } ], "notes": [ { "category": "description", "text": "The Mozilla Foundation Security Advisory describes this flaw as:\r\n\r\nWhile implementing AudioWorklets, some code may have cast one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Invalid downcast in Worklets", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28162" }, { "category": "external", "summary": "RHBZ#2178466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28162", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28162" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28162" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: Invalid downcast in Worklets" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Luan Herrera" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28164", "cwe": { "id": "CWE-829", "name": "Inclusion of Functionality from Untrusted Control Sphere" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178470" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue of dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28164" }, { "category": "external", "summary": "RHBZ#2178470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28164", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28164" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28164" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28164" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation" }, { "acknowledgments": [ { "names": [ "the Mozilla project" ] }, { "names": [ "Mozilla developers and community" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2023-28176", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2023-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2178472" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory described the issue in which Mozilla developers Timothy Nikkel, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 110 and ESR 102.8. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have been exploited to run arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-28176" }, { "category": "external", "summary": "RHBZ#2178472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2023-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10/#CVE-2023-28176" }, { "category": "external", "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/#CVE-2023-28176" } ], "release_date": "2023-03-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T11:20:26+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "product_ids": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1445" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.AUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.AUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.E4S:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.ppc64le", "AppStream-8.2.0.Z.E4S:firefox-debugsource-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.src", "AppStream-8.2.0.Z.TUS:firefox-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debuginfo-0:102.9.0-4.el8_2.x86_64", "AppStream-8.2.0.Z.TUS:firefox-debugsource-0:102.9.0-4.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9" } ] }
WID-SEC-W-2023-0385
Vulnerability from csaf_certbund
Published
2023-02-14 23:00
Modified
2023-09-27 22:00
Summary
Mozilla Firefox: Mehrere Schwachstellen ermöglichen Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox und Mozilla Firefox ESR ausnutzen, um Code auszuführen, Sicherheitsmechanismen zu umgehen, den Benutzer zu täuschen, Informationen offenzulegen und andere unbekannte Effekte zu erzielen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Android
- iPhoneOS
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Firefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox und Mozilla Firefox ESR ausnutzen, um Code auszuf\u00fchren, Sicherheitsmechanismen zu umgehen, den Benutzer zu t\u00e4uschen, Informationen offenzulegen und andere unbekannte Effekte zu erzielen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Android\n- iPhoneOS", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0385 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0385.json" }, { "category": "self", "summary": "WID-SEC-2023-0385 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0385" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASFIREFOX-2023-007 vom 2023-09-27", "url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-007.html" }, { "category": "external", "summary": "ORACLE OVMSA-2023-0014 vom 2023-08-17", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001079.html" }, { "category": "external", "summary": "IBM Security Bulletin 7010099 vom 2023-07-06", "url": "https://www.ibm.com/support/pages/node/7010099" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-35 vom 2023-05-30", "url": "https://security.gentoo.org/glsa/202305-35" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2023-1736 vom 2023-05-04", "url": "https://alas.aws.amazon.com/ALAS-2023-1736.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:2098 vom 2023-05-03", "url": "https://access.redhat.com/errata/RHSA-2023:2098" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1677 vom 2023-04-15", "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-12238 vom 2023-04-06", "url": "http://linux.oracle.com/errata/ELSA-2023-12238.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1479 vom 2023-03-27", "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20230324-0008 vom 2023-03-24", "url": "https://security.netapp.com/advisory/ntap-20230324-0008/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1436 vom 2023-03-23", "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:1332 vom 2023-03-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-March/086393.html" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-002 vom 2023-03-23", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1406 vom 2023-03-22", "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "category": "external", "summary": "IGEL Security Notice ISN-2023-02 vom 2023-03-22", "url": "https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2023-1992 vom 2023-03-22", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1370 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1368 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1366 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1369 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1365 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1368 vom 2023-03-22", "url": "http://linux.oracle.com/errata/ELSA-2023-1368.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1332 vom 2023-03-20", "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1332 vom 2023-03-20", "url": "http://linux.oracle.com/errata/ELSA-2023-1332.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1252 vom 2023-03-15", "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1252 vom 2023-03-15", "url": "http://linux.oracle.com/errata/ELSA-2023-1252.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5892-2 vom 2023-03-06", "url": "https://ubuntu.com/security/notices/USN-5892-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5880-2 vom 2023-03-01", "url": "https://ubuntu.com/security/notices/USN-5880-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5892-1 vom 2023-02-27", "url": "https://ubuntu.com/security/notices/USN-5892-1" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory vom 2023-02-14", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory vom 2023-02-14", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/" }, { "category": "external", "summary": "Debian Security Advisory DSA-5350 vom 2023-02-15", "url": "https://lists.debian.org/debian-security-announce/2023/msg00039.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0434-1 vom 2023-02-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013802.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3319 vom 2023-02-16", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00013.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5880-1 vom 2023-02-20", "url": "https://ubuntu.com/security/notices/USN-5880-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0443-1 vom 2023-02-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013833.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5353 vom 2023-02-18", "url": "https://www.debian.org/security/2023/dsa-5353" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0812 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0805 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0809 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0806 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0811 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0810 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0808 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0807 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0461-1 vom 2023-02-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013843.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3327 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0812 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0812.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0810 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0810.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0808 vom 2023-02-20", "url": "https://linux.oracle.com/errata/ELSA-2023-0808.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0466-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013853.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0466-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013858.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0468-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013851.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0469-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013850.html" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:0812 vom 2023-02-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-February/086376.html" } ], "source_lang": "en-US", "title": "Mozilla Firefox: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung", "tracking": { "current_release_date": "2023-09-27T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:14:25.388+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0385", "initial_release_date": "2023-02-14T23:00:00.000+00:00", "revision_history": [ { "date": "2023-02-14T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-15T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-02-16T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-02-19T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu, SUSE und Debian aufgenommen" }, { "date": "2023-02-20T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE, Debian und Oracle Linux aufgenommen" }, { "date": "2023-02-21T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2023-02-22T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von CentOS aufgenommen" }, { "date": "2023-02-27T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-02-28T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-06T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-15T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-03-20T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-03-21T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Oracle Linux, Red Hat und Amazon aufgenommen" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von IGEL, Red Hat, XEROX und CentOS aufgenommen" }, { "date": "2023-03-23T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-03-26T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2023-03-27T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-04-10T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-04-16T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-05-03T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-05-04T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2023-05-29T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2023-07-06T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-08-17T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von ORACLE aufgenommen" }, { "date": "2023-09-27T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Amazon aufgenommen" } ], "status": "final", "version": "25" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM 7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "IGEL OS \u003c 11.08.290", "product": { "name": "IGEL OS \u003c 11.08.290", "product_id": "T026855", "product_identification_helper": { "cpe": "cpe:/o:igel:os:11.08.290" } } } ], "category": "vendor", "name": "IGEL" }, { "branches": [ { "category": "product_name", "name": "Mozilla Firefox \u003c 110", "product": { "name": "Mozilla Firefox \u003c 110", "product_id": "T026306", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox:110" } } }, { "category": "product_name", "name": "Mozilla Firefox ESR \u003c 102.8", "product": { "name": "Mozilla Firefox ESR \u003c 102.8", "product_id": "T026307", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox_esr:102.8" } } } ], "category": "vendor", "name": "Mozilla" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "658714", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } }, { "category": "product_name", "name": "Oracle VM 3", "product": { "name": "Oracle VM 3", "product_id": "T019617", "product_identification_helper": { "cpe": "cpe:/a:oracle:vm:3" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Multicluster Engine", "product": { "name": "Red Hat Enterprise Linux Multicluster Engine", "product_id": "T027598", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:multicluster_engine" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "category": "product_name", "name": "Red Hat Virtualization 4", "product": { "name": "Red Hat Virtualization 4", "product_id": "T026451", "product_identification_helper": { "cpe": "cpe:/a:redhat:virtualization:4" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v2", "product": { "name": "Xerox FreeFlow Print Server v2", "product_id": "T014888", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25731", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25731" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25733", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25733" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25736", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25736" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25740", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25740" }, { "cve": "CVE-2023-25741", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25741" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25743", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25743" }, { "cve": "CVE-2023-25744", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25744" }, { "cve": "CVE-2023-25745", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25745" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25746" } ] }
wid-sec-w-2023-1424
Vulnerability from csaf_certbund
Published
2023-06-12 22:00
Modified
2023-06-12 22:00
Summary
Xerox FreeFlow Print Server für Solaris: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- UNIX
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1424 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1424.json" }, { "category": "self", "summary": "WID-SEC-2023-1424 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1424" }, { "category": "external", "summary": "Xerox Security Bulletin vom 2023-06-12", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-009-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server f\u00fcr Solaris: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-12T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:30:41.322+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1424", "initial_release_date": "2023-06-12T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-12T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v9 for Solaris", "product": { "name": "Xerox FreeFlow Print Server v9 for Solaris", "product_id": "T028053", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v9_for_solaris" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-28708", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28708" }, { "cve": "CVE-2023-28176", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28176" }, { "cve": "CVE-2023-28164", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28164" }, { "cve": "CVE-2023-28163", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28163" }, { "cve": "CVE-2023-28162", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28162" }, { "cve": "CVE-2023-27522", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-27522" }, { "cve": "CVE-2023-25752", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25752" }, { "cve": "CVE-2023-25751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25751" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25746" }, { "cve": "CVE-2023-25744", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25744" }, { "cve": "CVE-2023-25743", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25743" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25690", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25690" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-24807", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24807" }, { "cve": "CVE-2023-24580", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24580" }, { "cve": "CVE-2023-23969", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23969" }, { "cve": "CVE-2023-23946", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23946" }, { "cve": "CVE-2023-23936", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23936" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23919", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23919" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23605", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23605" }, { "cve": "CVE-2023-23603", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23603" }, { "cve": "CVE-2023-23602", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23602" }, { "cve": "CVE-2023-23601", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23601" }, { "cve": "CVE-2023-23599", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23599" }, { "cve": "CVE-2023-23598", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23598" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-22490", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22490" }, { "cve": "CVE-2023-22003", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22003" }, { "cve": "CVE-2023-21985", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21985" }, { "cve": "CVE-2023-21984", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21984" }, { "cve": "CVE-2023-21928", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21928" }, { "cve": "CVE-2023-21896", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21896" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21840", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21840" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-0804", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0804" }, { "cve": "CVE-2023-0803", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0803" }, { "cve": "CVE-2023-0802", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0802" }, { "cve": "CVE-2023-0801", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0801" }, { "cve": "CVE-2023-0800", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0800" }, { "cve": "CVE-2023-0799", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0799" }, { "cve": "CVE-2023-0798", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0798" }, { "cve": "CVE-2023-0797", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0797" }, { "cve": "CVE-2023-0796", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0796" }, { "cve": "CVE-2023-0795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0795" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0662", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0662" }, { "cve": "CVE-2023-0616", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0616" }, { "cve": "CVE-2023-0568", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0568" }, { "cve": "CVE-2023-0567", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0567" }, { "cve": "CVE-2023-0430", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0430" }, { "cve": "CVE-2023-0417", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0417" }, { "cve": "CVE-2023-0416", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0416" }, { "cve": "CVE-2023-0415", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0415" }, { "cve": "CVE-2023-0414", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0414" }, { "cve": "CVE-2023-0413", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0413" }, { "cve": "CVE-2023-0412", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0412" }, { "cve": "CVE-2023-0411", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0411" }, { "cve": "CVE-2023-0401", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0401" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0217", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0217" }, { "cve": "CVE-2023-0216", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0216" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-48281", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-48281" }, { "cve": "CVE-2022-46877", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46877" }, { "cve": "CVE-2022-46874", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46874" }, { "cve": "CVE-2022-46871", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46871" }, { "cve": "CVE-2022-46344", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46344" }, { "cve": "CVE-2022-46343", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46343" }, { "cve": "CVE-2022-46342", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46342" }, { "cve": "CVE-2022-46341", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46341" }, { "cve": "CVE-2022-46340", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46340" }, { "cve": "CVE-2022-45939", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45939" }, { "cve": "CVE-2022-45199", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45199" }, { "cve": "CVE-2022-45143", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45143" }, { "cve": "CVE-2022-4450", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4450" }, { "cve": "CVE-2022-4345", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4345" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42919", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42919" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-4283", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4283" }, { "cve": "CVE-2022-4203", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4203" }, { "cve": "CVE-2022-42012", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42012" }, { "cve": "CVE-2022-42011", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42011" }, { "cve": "CVE-2022-42010", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42010" }, { "cve": "CVE-2022-41903", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41903" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40898", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40898" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-39253", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-39253" }, { "cve": "CVE-2022-3924", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3924" }, { "cve": "CVE-2022-38784", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-38784" }, { "cve": "CVE-2022-38171", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-38171" }, { "cve": "CVE-2022-37436", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-37436" }, { "cve": "CVE-2022-3736", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3736" }, { "cve": "CVE-2022-3705", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3705" }, { "cve": "CVE-2022-36760", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36760" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-36114", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36114" }, { "cve": "CVE-2022-36113", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36113" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3515", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3515" }, { "cve": "CVE-2022-3352", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3352" }, { "cve": "CVE-2022-3324", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3324" }, { "cve": "CVE-2022-3297", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3297" }, { "cve": "CVE-2022-3296", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3296" }, { "cve": "CVE-2022-3278", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3278" }, { "cve": "CVE-2022-3256", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3256" }, { "cve": "CVE-2022-3235", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3235" }, { "cve": "CVE-2022-3234", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3234" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32190", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32190" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-3153", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3153" }, { "cve": "CVE-2022-3134", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3134" }, { "cve": "CVE-2022-3099", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3099" }, { "cve": "CVE-2022-3094", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3094" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-3037", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3037" }, { "cve": "CVE-2022-3016", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3016" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-2980", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2980" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2946", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2946" }, { "cve": "CVE-2022-2929", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2929" }, { "cve": "CVE-2022-2928", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2928" }, { "cve": "CVE-2022-2923", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2923" }, { "cve": "CVE-2022-2889", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2889" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2874", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2874" }, { "cve": "CVE-2022-2862", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2862" }, { "cve": "CVE-2022-2849", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2849" }, { "cve": "CVE-2022-2845", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2845" }, { "cve": "CVE-2022-28331", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28331" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2819", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2819" }, { "cve": "CVE-2022-2817", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2817" }, { "cve": "CVE-2022-2816", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2816" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-27337", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27337" }, { "cve": "CVE-2022-25255", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-25255" }, { "cve": "CVE-2022-25147", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-25147" }, { "cve": "CVE-2022-24963", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-24963" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23521", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-23521" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-21515", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21515" }, { "cve": "CVE-2022-21349", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21349" }, { "cve": "CVE-2022-21291", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21291" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1292", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1292" }, { "cve": "CVE-2022-1122", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1122" }, { "cve": "CVE-2022-0718", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-0718" }, { "cve": "CVE-2021-37750", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-37750" }, { "cve": "CVE-2021-37519", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-37519" }, { "cve": "CVE-2021-35940", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-35940" }, { "cve": "CVE-2021-30860", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-30860" }, { "cve": "CVE-2021-29338", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-29338" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-12613", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2017-12613" }, { "cve": "CVE-2006-20001", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2006-20001" } ] }
wid-sec-w-2023-0385
Vulnerability from csaf_certbund
Published
2023-02-14 23:00
Modified
2023-09-27 22:00
Summary
Mozilla Firefox: Mehrere Schwachstellen ermöglichen Codeausführung
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Firefox ist ein Open Source Web Browser.
ESR ist die Variante mit verlängertem Support.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox und Mozilla Firefox ESR ausnutzen, um Code auszuführen, Sicherheitsmechanismen zu umgehen, den Benutzer zu täuschen, Informationen offenzulegen und andere unbekannte Effekte zu erzielen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Android
- iPhoneOS
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Firefox ist ein Open Source Web Browser. \r\nESR ist die Variante mit verl\u00e4ngertem Support.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox und Mozilla Firefox ESR ausnutzen, um Code auszuf\u00fchren, Sicherheitsmechanismen zu umgehen, den Benutzer zu t\u00e4uschen, Informationen offenzulegen und andere unbekannte Effekte zu erzielen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Android\n- iPhoneOS", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0385 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0385.json" }, { "category": "self", "summary": "WID-SEC-2023-0385 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0385" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALASFIREFOX-2023-007 vom 2023-09-27", "url": "https://alas.aws.amazon.com/AL2/ALASFIREFOX-2023-007.html" }, { "category": "external", "summary": "ORACLE OVMSA-2023-0014 vom 2023-08-17", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001079.html" }, { "category": "external", "summary": "IBM Security Bulletin 7010099 vom 2023-07-06", "url": "https://www.ibm.com/support/pages/node/7010099" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-35 vom 2023-05-30", "url": "https://security.gentoo.org/glsa/202305-35" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2023-1736 vom 2023-05-04", "url": "https://alas.aws.amazon.com/ALAS-2023-1736.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:2098 vom 2023-05-03", "url": "https://access.redhat.com/errata/RHSA-2023:2098" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1677 vom 2023-04-15", "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-12238 vom 2023-04-06", "url": "http://linux.oracle.com/errata/ELSA-2023-12238.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1479 vom 2023-03-27", "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20230324-0008 vom 2023-03-24", "url": "https://security.netapp.com/advisory/ntap-20230324-0008/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1436 vom 2023-03-23", "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:1332 vom 2023-03-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-March/086393.html" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-002 vom 2023-03-23", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1406 vom 2023-03-22", "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "category": "external", "summary": "IGEL Security Notice ISN-2023-02 vom 2023-03-22", "url": "https://kb.igel.com/securitysafety/en/isn-2023-02-firefox-esr-vulnerabilities-81501314.html" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2023-1992 vom 2023-03-22", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1370 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1368 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1366 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1369 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1365 vom 2023-03-21", "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1368 vom 2023-03-22", "url": "http://linux.oracle.com/errata/ELSA-2023-1368.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1332 vom 2023-03-20", "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1332 vom 2023-03-20", "url": "http://linux.oracle.com/errata/ELSA-2023-1332.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1252 vom 2023-03-15", "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-1252 vom 2023-03-15", "url": "http://linux.oracle.com/errata/ELSA-2023-1252.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5892-2 vom 2023-03-06", "url": "https://ubuntu.com/security/notices/USN-5892-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5880-2 vom 2023-03-01", "url": "https://ubuntu.com/security/notices/USN-5880-2" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5892-1 vom 2023-02-27", "url": "https://ubuntu.com/security/notices/USN-5892-1" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory vom 2023-02-14", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory vom 2023-02-14", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/" }, { "category": "external", "summary": "Debian Security Advisory DSA-5350 vom 2023-02-15", "url": "https://lists.debian.org/debian-security-announce/2023/msg00039.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0434-1 vom 2023-02-16", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013802.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3319 vom 2023-02-16", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00013.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5880-1 vom 2023-02-20", "url": "https://ubuntu.com/security/notices/USN-5880-1" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0443-1 vom 2023-02-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013833.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5353 vom 2023-02-18", "url": "https://www.debian.org/security/2023/dsa-5353" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0812 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0805 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0809 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0806 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0811 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0810 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0808 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0807 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0461-1 vom 2023-02-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013843.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3327 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0812 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0812.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0810 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0810.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0808 vom 2023-02-20", "url": "https://linux.oracle.com/errata/ELSA-2023-0808.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0466-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013853.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0466-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013858.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0468-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013851.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0469-1 vom 2023-02-21", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013850.html" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:0812 vom 2023-02-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-February/086376.html" } ], "source_lang": "en-US", "title": "Mozilla Firefox: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung", "tracking": { "current_release_date": "2023-09-27T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:14:25.388+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0385", "initial_release_date": "2023-02-14T23:00:00.000+00:00", "revision_history": [ { "date": "2023-02-14T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-15T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-02-16T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-02-19T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu, SUSE und Debian aufgenommen" }, { "date": "2023-02-20T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE, Debian und Oracle Linux aufgenommen" }, { "date": "2023-02-21T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2023-02-22T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von CentOS aufgenommen" }, { "date": "2023-02-27T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-02-28T23:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-06T23:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-15T23:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-03-20T23:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-03-21T23:00:00.000+00:00", "number": "13", "summary": "Neue Updates von Oracle Linux, Red Hat und Amazon aufgenommen" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von IGEL, Red Hat, XEROX und CentOS aufgenommen" }, { "date": "2023-03-23T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-03-26T22:00:00.000+00:00", "number": "16", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2023-03-27T22:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-04-10T22:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2023-04-16T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-05-03T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-05-04T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2023-05-29T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Gentoo aufgenommen" }, { "date": "2023-07-06T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2023-08-17T22:00:00.000+00:00", "number": "24", "summary": "Neue Updates von ORACLE aufgenommen" }, { "date": "2023-09-27T22:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Amazon aufgenommen" } ], "status": "final", "version": "25" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM 7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "IGEL OS \u003c 11.08.290", "product": { "name": "IGEL OS \u003c 11.08.290", "product_id": "T026855", "product_identification_helper": { "cpe": "cpe:/o:igel:os:11.08.290" } } } ], "category": "vendor", "name": "IGEL" }, { "branches": [ { "category": "product_name", "name": "Mozilla Firefox \u003c 110", "product": { "name": "Mozilla Firefox \u003c 110", "product_id": "T026306", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox:110" } } }, { "category": "product_name", "name": "Mozilla Firefox ESR \u003c 102.8", "product": { "name": "Mozilla Firefox ESR \u003c 102.8", "product_id": "T026307", "product_identification_helper": { "cpe": "cpe:/a:mozilla:firefox_esr:102.8" } } } ], "category": "vendor", "name": "Mozilla" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "658714", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } }, { "category": "product_name", "name": "Oracle VM 3", "product": { "name": "Oracle VM 3", "product_id": "T019617", "product_identification_helper": { "cpe": "cpe:/a:oracle:vm:3" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Multicluster Engine", "product": { "name": "Red Hat Enterprise Linux Multicluster Engine", "product_id": "T027598", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:multicluster_engine" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "category": "product_name", "name": "Red Hat Virtualization 4", "product": { "name": "Red Hat Virtualization 4", "product_id": "T026451", "product_identification_helper": { "cpe": "cpe:/a:redhat:virtualization:4" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v2", "product": { "name": "Xerox FreeFlow Print Server v2", "product_id": "T014888", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25731", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25731" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25733", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25733" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25736", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25736" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25740", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25740" }, { "cve": "CVE-2023-25741", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25741" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25743", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25743" }, { "cve": "CVE-2023-25744", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25744" }, { "cve": "CVE-2023-25745", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25745" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Mozilla Firefox und Mozilla Firefox ESR existieren mehrere Schwachstellen. Zu den Ursachen z\u00e4hlen verschiedene Fehler in der Speicherverwaltung, sowie bei der Behandlung von Richtlinien und fehlende Warnungen. Ein Angreifer kann dadurch Code ausf\u00fchren, Sicherheitsmechanismen umgehen, den Nutzer t\u00e4uschen, Informationen offenlegen und weitere, nicht bekannt Auswirkungen erzielen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich." } ], "product_status": { "known_affected": [ "67646", "T014888", "T012167", "658714", "T004914", "T022954", "2951", "T002207", "T000126", "T026855", "T019617", "398363", "1727", "T026451", "T027598" ] }, "release_date": "2023-02-14T23:00:00Z", "title": "CVE-2023-25746" } ] }
wid-sec-w-2024-0064
Vulnerability from csaf_certbund
Published
2024-01-10 23:00
Modified
2024-01-10 23:00
Summary
Juniper Produkte: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Bei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.
Die Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und seine Berechtigungen zu erweitern.
Betroffene Betriebssysteme
- BIOS/Firmware
- Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nBei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und seine Berechtigungen zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0064 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json" }, { "category": "self", "summary": "WID-SEC-2024-0064 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064" }, { "category": "external", "summary": "Juniper Security Advisory JSA11272 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA11272" }, { "category": "external", "summary": "Juniper Security Advisory JSA75233 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75233" }, { "category": "external", "summary": "Juniper Security Advisory JSA75721 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75721" }, { "category": "external", "summary": "Juniper Security Advisory JSA75723 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75723" }, { "category": "external", "summary": "Juniper Security Advisory JSA75725 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75725" }, { "category": "external", "summary": "Juniper Security Advisory JSA75727 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75727" }, { "category": "external", "summary": "Juniper Security Advisory JSA75729 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75729" }, { "category": "external", "summary": "Juniper Security Advisory JSA75730 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75730" }, { "category": "external", "summary": "Juniper Security Advisory JSA75733 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75733" }, { "category": "external", "summary": "Juniper Security Advisory JSA75734 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75734" }, { "category": "external", "summary": "Juniper Security Advisory JSA75735 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75735" }, { "category": "external", "summary": "Juniper Security Advisory JSA75736 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75736" }, { "category": "external", "summary": "Juniper Security Advisory JSA75737 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75737" }, { "category": "external", "summary": "Juniper Security Advisory JSA75738 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75738" }, { "category": "external", "summary": "Juniper Security Advisory JSA75740 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75740" }, { "category": "external", "summary": "Juniper Security Advisory JSA75741 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75741" }, { "category": "external", "summary": "Juniper Security Advisory JSA75742 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75742" }, { "category": "external", "summary": "Juniper Security Advisory JSA75743 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75743" }, { "category": "external", "summary": "Juniper Security Advisory JSA75744 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75744" }, { "category": "external", "summary": "Juniper Security Advisory JSA75745 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75745" }, { "category": "external", "summary": "Juniper Security Advisory JSA75747 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75747" }, { "category": "external", "summary": "Juniper Security Advisory JSA75748 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75748" }, { "category": "external", "summary": "Juniper Security Advisory JSA75752 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75752" }, { "category": "external", "summary": "Juniper Security Advisory JSA75753 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75753" }, { "category": "external", "summary": "Juniper Security Advisory JSA75754 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75754" }, { "category": "external", "summary": "Juniper Security Advisory JSA75755 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75755" }, { "category": "external", "summary": "Juniper Security Advisory JSA75757 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75757" }, { "category": "external", "summary": "Juniper Security Advisory JSA75758 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75758" } ], "source_lang": "en-US", "title": "Juniper Produkte: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-10T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:56:09.941+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0064", "initial_release_date": "2024-01-10T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-10T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper EX Series", "product": { "name": "Juniper EX Series", "product_id": "T019811", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:-" } } }, { "category": "product_name", "name": "Juniper EX Series 4600", "product": { "name": "Juniper EX Series 4600", "product_id": "T021598", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex4600" } } }, { "category": "product_name", "name": "Juniper EX Series 4100", "product": { "name": "Juniper EX Series 4100", "product_id": "T030475", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4100" } } }, { "category": "product_name", "name": "Juniper EX Series 4400", "product": { "name": "Juniper EX Series 4400", "product_id": "T030476", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4400" } } }, { "category": "product_name", "name": "Juniper EX Series EX9200", "product": { "name": "Juniper EX Series EX9200", "product_id": "T031997", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex9200" } } } ], "category": "product_name", "name": "EX Series" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS Evolved", "product": { "name": "Juniper JUNOS Evolved", "product_id": "T018886", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved" } } }, { "category": "product_name", "name": "Juniper JUNOS PTX Series", "product": { "name": "Juniper JUNOS PTX Series", "product_id": "T023853", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:ptx_series" } } }, { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "T030471", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7024", "product": { "name": "Juniper JUNOS ACX7024", "product_id": "T031994", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7024" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-32C", "product": { "name": "Juniper JUNOS ACX7100-32C", "product_id": "T031995", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-32c" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-48L", "product": { "name": "Juniper JUNOS ACX7100-48L", "product_id": "T031996", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-48l" } } } ], "category": "product_name", "name": "JUNOS" }, { "category": "product_name", "name": "Juniper MX Series", "product": { "name": "Juniper MX Series", "product_id": "918766", "product_identification_helper": { "cpe": "cpe:/h:juniper:mx:-" } } }, { "category": "product_name", "name": "Juniper QFX Series 5000", "product": { "name": "Juniper QFX Series 5000", "product_id": "T021597", "product_identification_helper": { "cpe": "cpe:/h:juniper:qfx:qfx5000" } } }, { "category": "product_name", "name": "Juniper SRX Series", "product": { "name": "Juniper SRX Series", "product_id": "T021593", "product_identification_helper": { "cpe": "cpe:/h:juniper:srx_service_gateways:-" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-2873", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2873" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2663", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2663" }, { "cve": "CVE-2022-25265", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-25265" }, { "cve": "CVE-2022-23307", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23307" }, { "cve": "CVE-2022-23305", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23305" }, { "cve": "CVE-2022-23302", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23302" }, { "cve": "CVE-2022-22942", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-22942" }, { "cve": "CVE-2022-2196", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2196" }, { "cve": "CVE-2022-21699", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-21699" }, { "cve": "CVE-2022-20141", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-20141" }, { "cve": "CVE-2022-1789", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1789" }, { "cve": "CVE-2022-1679", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1462", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1462" }, { "cve": "CVE-2022-0934", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0934" }, { "cve": "CVE-2022-0330", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0330" }, { "cve": "CVE-2021-44832", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44832" }, { "cve": "CVE-2021-44790", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44790" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-4155", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-4155" }, { "cve": "CVE-2021-39275", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-39275" }, { "cve": "CVE-2021-3752", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3752" }, { "cve": "CVE-2021-3621", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3621" }, { "cve": "CVE-2021-3573", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3573" }, { "cve": "CVE-2021-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3564" }, { "cve": "CVE-2021-34798", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-34798" }, { "cve": "CVE-2021-33656", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33656" }, { "cve": "CVE-2021-33655", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33655" }, { "cve": "CVE-2021-26691", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26691" }, { "cve": "CVE-2021-26341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26341" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-0920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-0920" }, { "cve": "CVE-2020-9493", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-9493" }, { "cve": "CVE-2020-12321", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-12321" }, { "cve": "CVE-2020-0466", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0466" }, { "cve": "CVE-2020-0465", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0465" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2019-17571" }, { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2016-2183" }, { "cve": "CVE-2024-21617", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21617" }, { "cve": "CVE-2024-21616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21616" }, { "cve": "CVE-2024-21614", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21614" }, { "cve": "CVE-2024-21613", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21613" }, { "cve": "CVE-2024-21612", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21612" }, { "cve": "CVE-2024-21611", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21611" }, { "cve": "CVE-2024-21607", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21607" }, { "cve": "CVE-2024-21606", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21606" }, { "cve": "CVE-2024-21604", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21604" }, { "cve": "CVE-2024-21603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21603" }, { "cve": "CVE-2024-21602", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21602" }, { "cve": "CVE-2024-21601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21601" }, { "cve": "CVE-2024-21600", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21600" }, { "cve": "CVE-2024-21599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21599" }, { "cve": "CVE-2024-21597", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21597" }, { "cve": "CVE-2024-21596", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21596" }, { "cve": "CVE-2024-21595", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21595" }, { "cve": "CVE-2024-21594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21594" }, { "cve": "CVE-2024-21591", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21591" }, { "cve": "CVE-2024-21589", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21589" }, { "cve": "CVE-2024-21587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21587" }, { "cve": "CVE-2024-21585", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21585" }, { "cve": "CVE-2023-38802", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38802" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-3817", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3817" }, { "cve": "CVE-2023-36842", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-36842" }, { "cve": "CVE-2023-3446", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3341" }, { "cve": "CVE-2023-32360", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32360" }, { "cve": "CVE-2023-32067", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32067" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-26464", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-26464" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23454", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23454" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-2235", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2235" }, { "cve": "CVE-2023-22081", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22081" }, { "cve": "CVE-2023-22049", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22049" }, { "cve": "CVE-2023-22045", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22045" }, { "cve": "CVE-2023-21968", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21968" }, { "cve": "CVE-2023-21967", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21967" }, { "cve": "CVE-2023-21954", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21954" }, { "cve": "CVE-2023-2194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2194" }, { "cve": "CVE-2023-21939", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21939" }, { "cve": "CVE-2023-21938", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21938" }, { "cve": "CVE-2023-21937", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21937" }, { "cve": "CVE-2023-21930", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21930" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-2124", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2124" }, { "cve": "CVE-2023-20593", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20593" }, { "cve": "CVE-2023-20569", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20569" }, { "cve": "CVE-2023-1829", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1829" }, { "cve": "CVE-2023-1582", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1582" }, { "cve": "CVE-2023-1281", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1281" }, { "cve": "CVE-2023-1195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1195" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0461", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0461" }, { "cve": "CVE-2023-0394", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0394" }, { "cve": "CVE-2023-0386", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0386" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0266", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0266" }, { "cve": "CVE-2022-47929", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-47929" }, { "cve": "CVE-2022-43945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43945" }, { "cve": "CVE-2022-4378", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4378" }, { "cve": "CVE-2022-43750", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43750" }, { "cve": "CVE-2022-42896", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42896" }, { "cve": "CVE-2022-42722", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42721", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42703", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42703" }, { "cve": "CVE-2022-4269", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-41974", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41974" }, { "cve": "CVE-2022-41674", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41674" }, { "cve": "CVE-2022-4139", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4129" }, { "cve": "CVE-2022-41222", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41218", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41218" }, { "cve": "CVE-2022-39189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39189" }, { "cve": "CVE-2022-39188", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39188" }, { "cve": "CVE-2022-38023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-38023" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-3707", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3707" }, { "cve": "CVE-2022-3628", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3625", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3623", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3623" }, { "cve": "CVE-2022-3619", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3619" }, { "cve": "CVE-2022-3567", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3567" }, { "cve": "CVE-2022-3566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3566" }, { "cve": "CVE-2022-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3524", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3239", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3239" }, { "cve": "CVE-2022-30594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-30594" }, { "cve": "CVE-2022-3028", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3028" } ] }
WID-SEC-W-2023-1424
Vulnerability from csaf_certbund
Published
2023-06-12 22:00
Modified
2023-06-12 22:00
Summary
Xerox FreeFlow Print Server für Solaris: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme
- UNIX
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1424 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1424.json" }, { "category": "self", "summary": "WID-SEC-2023-1424 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1424" }, { "category": "external", "summary": "Xerox Security Bulletin vom 2023-06-12", "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2023/06/Xerox-Security-Bulletin-XRX23-009-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf" } ], "source_lang": "en-US", "title": "Xerox FreeFlow Print Server f\u00fcr Solaris: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-12T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:30:41.322+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1424", "initial_release_date": "2023-06-12T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-12T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v9 for Solaris", "product": { "name": "Xerox FreeFlow Print Server v9 for Solaris", "product_id": "T028053", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v9_for_solaris" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-28708", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28708" }, { "cve": "CVE-2023-28176", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28176" }, { "cve": "CVE-2023-28164", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28164" }, { "cve": "CVE-2023-28163", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28163" }, { "cve": "CVE-2023-28162", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-28162" }, { "cve": "CVE-2023-27522", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-27522" }, { "cve": "CVE-2023-25752", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25752" }, { "cve": "CVE-2023-25751", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25751" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25746" }, { "cve": "CVE-2023-25744", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25744" }, { "cve": "CVE-2023-25743", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25743" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25690", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-25690" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-24807", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24807" }, { "cve": "CVE-2023-24580", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-24580" }, { "cve": "CVE-2023-23969", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23969" }, { "cve": "CVE-2023-23946", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23946" }, { "cve": "CVE-2023-23936", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23936" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23919", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23919" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23605", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23605" }, { "cve": "CVE-2023-23603", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23603" }, { "cve": "CVE-2023-23602", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23602" }, { "cve": "CVE-2023-23601", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23601" }, { "cve": "CVE-2023-23599", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23599" }, { "cve": "CVE-2023-23598", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-23598" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-22490", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22490" }, { "cve": "CVE-2023-22003", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-22003" }, { "cve": "CVE-2023-21985", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21985" }, { "cve": "CVE-2023-21984", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21984" }, { "cve": "CVE-2023-21928", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21928" }, { "cve": "CVE-2023-21896", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21896" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21840", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21840" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-0804", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0804" }, { "cve": "CVE-2023-0803", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0803" }, { "cve": "CVE-2023-0802", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0802" }, { "cve": "CVE-2023-0801", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0801" }, { "cve": "CVE-2023-0800", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0800" }, { "cve": "CVE-2023-0799", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0799" }, { "cve": "CVE-2023-0798", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0798" }, { "cve": "CVE-2023-0797", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0797" }, { "cve": "CVE-2023-0796", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0796" }, { "cve": "CVE-2023-0795", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0795" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0662", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0662" }, { "cve": "CVE-2023-0616", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0616" }, { "cve": "CVE-2023-0568", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0568" }, { "cve": "CVE-2023-0567", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0567" }, { "cve": "CVE-2023-0430", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0430" }, { "cve": "CVE-2023-0417", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0417" }, { "cve": "CVE-2023-0416", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0416" }, { "cve": "CVE-2023-0415", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0415" }, { "cve": "CVE-2023-0414", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0414" }, { "cve": "CVE-2023-0413", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0413" }, { "cve": "CVE-2023-0412", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0412" }, { "cve": "CVE-2023-0411", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0411" }, { "cve": "CVE-2023-0401", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0401" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0217", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0217" }, { "cve": "CVE-2023-0216", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0216" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-48281", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-48281" }, { "cve": "CVE-2022-46877", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46877" }, { "cve": "CVE-2022-46874", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46874" }, { "cve": "CVE-2022-46871", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46871" }, { "cve": "CVE-2022-46344", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46344" }, { "cve": "CVE-2022-46343", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46343" }, { "cve": "CVE-2022-46342", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46342" }, { "cve": "CVE-2022-46341", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46341" }, { "cve": "CVE-2022-46340", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-46340" }, { "cve": "CVE-2022-45939", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45939" }, { "cve": "CVE-2022-45199", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45199" }, { "cve": "CVE-2022-45143", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-45143" }, { "cve": "CVE-2022-4450", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4450" }, { "cve": "CVE-2022-4345", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4345" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42919", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42919" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-4283", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4283" }, { "cve": "CVE-2022-4203", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-4203" }, { "cve": "CVE-2022-42012", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42012" }, { "cve": "CVE-2022-42011", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42011" }, { "cve": "CVE-2022-42010", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-42010" }, { "cve": "CVE-2022-41903", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41903" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40898", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40898" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-39253", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-39253" }, { "cve": "CVE-2022-3924", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3924" }, { "cve": "CVE-2022-38784", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-38784" }, { "cve": "CVE-2022-38171", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-38171" }, { "cve": "CVE-2022-37436", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-37436" }, { "cve": "CVE-2022-3736", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3736" }, { "cve": "CVE-2022-3705", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3705" }, { "cve": "CVE-2022-36760", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36760" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-36114", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36114" }, { "cve": "CVE-2022-36113", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-36113" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3515", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3515" }, { "cve": "CVE-2022-3352", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3352" }, { "cve": "CVE-2022-3324", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3324" }, { "cve": "CVE-2022-3297", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3297" }, { "cve": "CVE-2022-3296", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3296" }, { "cve": "CVE-2022-3278", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3278" }, { "cve": "CVE-2022-3256", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3256" }, { "cve": "CVE-2022-3235", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3235" }, { "cve": "CVE-2022-3234", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3234" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32190", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32190" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-3153", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3153" }, { "cve": "CVE-2022-3134", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3134" }, { "cve": "CVE-2022-3099", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3099" }, { "cve": "CVE-2022-3094", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3094" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-3037", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3037" }, { "cve": "CVE-2022-3016", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-3016" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-2980", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2980" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2946", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2946" }, { "cve": "CVE-2022-2929", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2929" }, { "cve": "CVE-2022-2928", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2928" }, { "cve": "CVE-2022-2923", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2923" }, { "cve": "CVE-2022-2889", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2889" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2874", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2874" }, { "cve": "CVE-2022-2862", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2862" }, { "cve": "CVE-2022-2849", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2849" }, { "cve": "CVE-2022-2845", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2845" }, { "cve": "CVE-2022-28331", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28331" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2819", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2819" }, { "cve": "CVE-2022-2817", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2817" }, { "cve": "CVE-2022-2816", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2816" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-27337", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-27337" }, { "cve": "CVE-2022-25255", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-25255" }, { "cve": "CVE-2022-25147", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-25147" }, { "cve": "CVE-2022-24963", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-24963" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23521", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-23521" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-21515", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21515" }, { "cve": "CVE-2022-21349", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21349" }, { "cve": "CVE-2022-21291", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-21291" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1292", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1292" }, { "cve": "CVE-2022-1122", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-1122" }, { "cve": "CVE-2022-0718", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2022-0718" }, { "cve": "CVE-2021-37750", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-37750" }, { "cve": "CVE-2021-37519", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-37519" }, { "cve": "CVE-2021-35940", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-35940" }, { "cve": "CVE-2021-30860", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-30860" }, { "cve": "CVE-2021-29338", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2021-29338" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-12613", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2017-12613" }, { "cve": "CVE-2006-20001", "notes": [ { "category": "description", "text": "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen im Zusammenhang mit bekannten Java, Apache und Mozilla Firefox Schwachstellen. Ein Angreifer kann diese ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T028053" ] }, "release_date": "2023-06-12T22:00:00Z", "title": "CVE-2006-20001" } ] }
WID-SEC-W-2023-1812
Vulnerability from csaf_certbund
Published
2023-07-18 22:00
Modified
2023-07-20 22:00
Summary
Oracle Communications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1812 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1812.json" }, { "category": "self", "summary": "WID-SEC-2023-1812 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1812" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:2263-2 vom 2023-07-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015545.html" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory - July 2023 - Appendix Oracle Communications vom 2023-07-18", "url": "https://www.oracle.com/security-alerts/cpujul2023.html#AppendixCGBU" } ], "source_lang": "en-US", "title": "Oracle Communications: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-07-20T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:37:23.436+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1812", "initial_release_date": "2023-07-18T22:00:00.000+00:00", "revision_history": [ { "date": "2023-07-18T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-07-20T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Communications 5.0", "product": { "name": "Oracle Communications 5.0", "product_id": "T021645", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:5.0" } } }, { "category": "product_name", "name": "Oracle Communications 8.6.0.0", "product": { "name": "Oracle Communications 8.6.0.0", "product_id": "T024970", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:8.6.0.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.0", "product": { "name": "Oracle Communications 22.4.0", "product_id": "T024981", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.3.2", "product": { "name": "Oracle Communications 22.3.2", "product_id": "T025865", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.3.2" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.1", "product": { "name": "Oracle Communications 22.4.1", "product_id": "T025869", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.1" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.0", "product": { "name": "Oracle Communications 23.1.0", "product_id": "T027326", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.2", "product": { "name": "Oracle Communications 22.4.2", "product_id": "T027327", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.2" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.1", "product": { "name": "Oracle Communications 23.1.1", "product_id": "T027329", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.1" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.3", "product": { "name": "Oracle Communications 22.4.3", "product_id": "T028680", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.3" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.2", "product": { "name": "Oracle Communications 23.1.2", "product_id": "T028681", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.2" } } }, { "category": "product_name", "name": "Oracle Communications 23.2.0", "product": { "name": "Oracle Communications 23.2.0", "product_id": "T028682", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.2.0" } } }, { "category": "product_name", "name": "Oracle Communications 6.2.0", "product": { "name": "Oracle Communications 6.2.0", "product_id": "T028683", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:6.2.0" } } }, { "category": "product_name", "name": "Oracle Communications 5.1", "product": { "name": "Oracle Communications 5.1", "product_id": "T028684", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:5.1" } } }, { "category": "product_name", "name": "Oracle Communications 9.1.1.5.0", "product": { "name": "Oracle Communications 9.1.1.5.0", "product_id": "T028685", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:9.1.1.5.0" } } } ], "category": "product_name", "name": "Communications" } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-30861", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-30861" }, { "cve": "CVE-2023-29007", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-29007" }, { "cve": "CVE-2023-28856", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28856" }, { "cve": "CVE-2023-28708", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28708" }, { "cve": "CVE-2023-28484", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28484" }, { "cve": "CVE-2023-27901", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-27901" }, { "cve": "CVE-2023-26049", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-26049" }, { "cve": "CVE-2023-25194", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-25194" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-23931", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-23931" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-21971", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-21971" }, { "cve": "CVE-2023-20873", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20873" }, { "cve": "CVE-2023-20863", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20863" }, { "cve": "CVE-2023-20862", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20862" }, { "cve": "CVE-2023-20861", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20861" }, { "cve": "CVE-2023-1999", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1999" }, { "cve": "CVE-2023-1436", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1436" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0361", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0361" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-45787", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45787" }, { "cve": "CVE-2022-45688", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45688" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-4450", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-4450" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-41881", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-41881" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36944", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-36944" }, { "cve": "CVE-2022-2963", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-2963" }, { "cve": "CVE-2022-25147", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-25147" }, { "cve": "CVE-2022-1471", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-1471" }, { "cve": "CVE-2021-40528", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2021-40528" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2020-10735" } ] }
wid-sec-w-2023-1812
Vulnerability from csaf_certbund
Published
2023-07-18 22:00
Modified
2023-07-20 22:00
Summary
Oracle Communications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1812 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1812.json" }, { "category": "self", "summary": "WID-SEC-2023-1812 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1812" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:2263-2 vom 2023-07-20", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015545.html" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory - July 2023 - Appendix Oracle Communications vom 2023-07-18", "url": "https://www.oracle.com/security-alerts/cpujul2023.html#AppendixCGBU" } ], "source_lang": "en-US", "title": "Oracle Communications: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-07-20T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:37:23.436+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1812", "initial_release_date": "2023-07-18T22:00:00.000+00:00", "revision_history": [ { "date": "2023-07-18T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-07-20T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Communications 5.0", "product": { "name": "Oracle Communications 5.0", "product_id": "T021645", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:5.0" } } }, { "category": "product_name", "name": "Oracle Communications 8.6.0.0", "product": { "name": "Oracle Communications 8.6.0.0", "product_id": "T024970", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:8.6.0.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.0", "product": { "name": "Oracle Communications 22.4.0", "product_id": "T024981", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.3.2", "product": { "name": "Oracle Communications 22.3.2", "product_id": "T025865", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.3.2" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.1", "product": { "name": "Oracle Communications 22.4.1", "product_id": "T025869", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.1" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.0", "product": { "name": "Oracle Communications 23.1.0", "product_id": "T027326", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.0" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.2", "product": { "name": "Oracle Communications 22.4.2", "product_id": "T027327", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.2" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.1", "product": { "name": "Oracle Communications 23.1.1", "product_id": "T027329", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.1" } } }, { "category": "product_name", "name": "Oracle Communications 22.4.3", "product": { "name": "Oracle Communications 22.4.3", "product_id": "T028680", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:22.4.3" } } }, { "category": "product_name", "name": "Oracle Communications 23.1.2", "product": { "name": "Oracle Communications 23.1.2", "product_id": "T028681", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.1.2" } } }, { "category": "product_name", "name": "Oracle Communications 23.2.0", "product": { "name": "Oracle Communications 23.2.0", "product_id": "T028682", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:23.2.0" } } }, { "category": "product_name", "name": "Oracle Communications 6.2.0", "product": { "name": "Oracle Communications 6.2.0", "product_id": "T028683", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:6.2.0" } } }, { "category": "product_name", "name": "Oracle Communications 5.1", "product": { "name": "Oracle Communications 5.1", "product_id": "T028684", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:5.1" } } }, { "category": "product_name", "name": "Oracle Communications 9.1.1.5.0", "product": { "name": "Oracle Communications 9.1.1.5.0", "product_id": "T028685", "product_identification_helper": { "cpe": "cpe:/a:oracle:communications:9.1.1.5.0" } } } ], "category": "product_name", "name": "Communications" } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-30861", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-30861" }, { "cve": "CVE-2023-29007", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-29007" }, { "cve": "CVE-2023-28856", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28856" }, { "cve": "CVE-2023-28708", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28708" }, { "cve": "CVE-2023-28484", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-28484" }, { "cve": "CVE-2023-27901", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-27901" }, { "cve": "CVE-2023-26049", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-26049" }, { "cve": "CVE-2023-25194", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-25194" }, { "cve": "CVE-2023-24998", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-24998" }, { "cve": "CVE-2023-23931", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-23931" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-21971", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-21971" }, { "cve": "CVE-2023-20873", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20873" }, { "cve": "CVE-2023-20863", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20863" }, { "cve": "CVE-2023-20862", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20862" }, { "cve": "CVE-2023-20861", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-20861" }, { "cve": "CVE-2023-1999", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1999" }, { "cve": "CVE-2023-1436", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1436" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0361", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0361" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-45787", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45787" }, { "cve": "CVE-2022-45688", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45688" }, { "cve": "CVE-2022-45061", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-45061" }, { "cve": "CVE-2022-4450", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-4450" }, { "cve": "CVE-2022-42898", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-42898" }, { "cve": "CVE-2022-41881", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-41881" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36944", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-36944" }, { "cve": "CVE-2022-2963", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-2963" }, { "cve": "CVE-2022-25147", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-25147" }, { "cve": "CVE-2022-1471", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2022-1471" }, { "cve": "CVE-2021-40528", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2021-40528" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2020-10735", "notes": [ { "category": "description", "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T028682", "T028683", "T028680", "T028681", "T025869", "T002207", "T025865", "T021645", "T027329", "T027326", "T024970", "T024981", "T027327", "T028684", "T028685" ] }, "release_date": "2023-07-18T22:00:00Z", "title": "CVE-2020-10735" } ] }
wid-sec-w-2023-0407
Vulnerability from csaf_certbund
Published
2023-02-16 23:00
Modified
2023-05-29 22:00
Summary
Mozilla Thunderbird: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Thunderbird ist ein Open Source E-Mail Client.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Informationen falsch darzustellen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Thunderbird ist ein Open Source E-Mail Client.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Informationen falsch darzustellen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0407 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0407.json" }, { "category": "self", "summary": "WID-SEC-2023-0407 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0407" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-36 vom 2023-05-30", "url": "https://security.gentoo.org/glsa/202305-36" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20230324-0008 vom 2023-03-24", "url": "https://security.netapp.com/advisory/ntap-20230324-0008/" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-002 vom 2023-03-23", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5943-1 vom 2023-03-13", "url": "https://ubuntu.com/security/notices/USN-5943-1" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2023-1983 vom 2023-03-07", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1983.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0599-1 vom 2023-03-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013965.html" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory 2023-07 vom 2023-02-16", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0443-1 vom 2023-02-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013833.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5355 vom 2023-02-19", "url": "https://www.debian.org/security/2023/dsa-5355" }, { "category": "external", "summary": "Debian Security Advisory DSA-5353 vom 2023-02-18", "url": "https://www.debian.org/security/2023/dsa-5353" }, { "category": "external", "summary": "Debian Security Advisory DLA-3324 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3327 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0824 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0824.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0821 vom 2023-02-20", "url": "https://linux.oracle.com/errata/ELSA-2023-0821.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0817 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0817.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0824 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0823 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0822 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0821 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0820 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0819 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0818 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0817 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:0817 vom 2023-02-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-February/086375.html" } ], "source_lang": "en-US", "title": "Mozilla Thunderbird: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-05-29T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:14:44.273+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0407", "initial_release_date": "2023-02-16T23:00:00.000+00:00", "revision_history": [ { "date": "2023-02-16T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-19T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE, Debian und Fedora aufgenommen" }, { "date": "2023-02-20T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Debian, Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-02-22T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von CentOS aufgenommen" }, { "date": "2023-03-02T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2023-03-06T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2023-03-12T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-03-26T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2023-05-29T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Gentoo aufgenommen" } ], "status": "final", "version": "10" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "Mozilla Thunderbird \u003c 102.8", "product": { "name": "Mozilla Thunderbird \u003c 102.8", "product_id": "T026405", "product_identification_helper": { "cpe": "cpe:/a:mozilla:thunderbird:102.8" } } } ], "category": "vendor", "name": "Mozilla" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "658714", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v2", "product": { "name": "Xerox FreeFlow Print Server v2", "product_id": "T014888", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0616", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-0616" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25746" } ] }
WID-SEC-W-2024-0064
Vulnerability from csaf_certbund
Published
2024-01-10 23:00
Modified
2024-01-10 23:00
Summary
Juniper Produkte: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
SRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.
Bei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.
Die Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren.
Die Juniper MX-Serie ist eine Produktfamilie von Routern.
Angriff
Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuführen und seine Berechtigungen zu erweitern.
Betroffene Betriebssysteme
- BIOS/Firmware
- Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.\r\nSRX Series Services Gateways ist ein Next-Generation Anti-Threat Firewall von Juniper.\r\nBei den Switches der Juniper EX-Serie handelt es sich um Access- und Aggregations-/Core-Layer-Switches.\r\nDie Switches der QFX-Serie von Juniper sichern und automatisieren Netzwerke in Rechenzentren. \r\nDie Juniper MX-Serie ist eine Produktfamilie von Routern.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter, lokaler oder physischer Angreifer kann mehrere Schwachstellen in Juniper JUNOS, Juniper JUNOS Evolved, Juniper SRX Series, Juniper EX Series, Juniper QFX Series, Juniper ACX Series, Juniper PTX Series und Juniper MX Series ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und seine Berechtigungen zu erweitern.", "title": "Angriff" }, { "category": "general", "text": "- BIOS/Firmware\n- Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-0064 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json" }, { "category": "self", "summary": "WID-SEC-2024-0064 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064" }, { "category": "external", "summary": "Juniper Security Advisory JSA11272 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA11272" }, { "category": "external", "summary": "Juniper Security Advisory JSA75233 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75233" }, { "category": "external", "summary": "Juniper Security Advisory JSA75721 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75721" }, { "category": "external", "summary": "Juniper Security Advisory JSA75723 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75723" }, { "category": "external", "summary": "Juniper Security Advisory JSA75725 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75725" }, { "category": "external", "summary": "Juniper Security Advisory JSA75727 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75727" }, { "category": "external", "summary": "Juniper Security Advisory JSA75729 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75729" }, { "category": "external", "summary": "Juniper Security Advisory JSA75730 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75730" }, { "category": "external", "summary": "Juniper Security Advisory JSA75733 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75733" }, { "category": "external", "summary": "Juniper Security Advisory JSA75734 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75734" }, { "category": "external", "summary": "Juniper Security Advisory JSA75735 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75735" }, { "category": "external", "summary": "Juniper Security Advisory JSA75736 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75736" }, { "category": "external", "summary": "Juniper Security Advisory JSA75737 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75737" }, { "category": "external", "summary": "Juniper Security Advisory JSA75738 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75738" }, { "category": "external", "summary": "Juniper Security Advisory JSA75740 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75740" }, { "category": "external", "summary": "Juniper Security Advisory JSA75741 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75741" }, { "category": "external", "summary": "Juniper Security Advisory JSA75742 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75742" }, { "category": "external", "summary": "Juniper Security Advisory JSA75743 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75743" }, { "category": "external", "summary": "Juniper Security Advisory JSA75744 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75744" }, { "category": "external", "summary": "Juniper Security Advisory JSA75745 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75745" }, { "category": "external", "summary": "Juniper Security Advisory JSA75747 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75747" }, { "category": "external", "summary": "Juniper Security Advisory JSA75748 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75748" }, { "category": "external", "summary": "Juniper Security Advisory JSA75752 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75752" }, { "category": "external", "summary": "Juniper Security Advisory JSA75753 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75753" }, { "category": "external", "summary": "Juniper Security Advisory JSA75754 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75754" }, { "category": "external", "summary": "Juniper Security Advisory JSA75755 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75755" }, { "category": "external", "summary": "Juniper Security Advisory JSA75757 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75757" }, { "category": "external", "summary": "Juniper Security Advisory JSA75758 vom 2024-01-10", "url": "https://supportportal.juniper.net/JSA75758" } ], "source_lang": "en-US", "title": "Juniper Produkte: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-01-10T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:56:09.941+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-0064", "initial_release_date": "2024-01-10T23:00:00.000+00:00", "revision_history": [ { "date": "2024-01-10T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Juniper EX Series", "product": { "name": "Juniper EX Series", "product_id": "T019811", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:-" } } }, { "category": "product_name", "name": "Juniper EX Series 4600", "product": { "name": "Juniper EX Series 4600", "product_id": "T021598", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex4600" } } }, { "category": "product_name", "name": "Juniper EX Series 4100", "product": { "name": "Juniper EX Series 4100", "product_id": "T030475", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4100" } } }, { "category": "product_name", "name": "Juniper EX Series 4400", "product": { "name": "Juniper EX Series 4400", "product_id": "T030476", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:4400" } } }, { "category": "product_name", "name": "Juniper EX Series EX9200", "product": { "name": "Juniper EX Series EX9200", "product_id": "T031997", "product_identification_helper": { "cpe": "cpe:/h:juniper:ex:ex9200" } } } ], "category": "product_name", "name": "EX Series" }, { "branches": [ { "category": "product_name", "name": "Juniper JUNOS Evolved", "product": { "name": "Juniper JUNOS Evolved", "product_id": "T018886", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:evolved" } } }, { "category": "product_name", "name": "Juniper JUNOS PTX Series", "product": { "name": "Juniper JUNOS PTX Series", "product_id": "T023853", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:ptx_series" } } }, { "category": "product_name", "name": "Juniper JUNOS", "product": { "name": "Juniper JUNOS", "product_id": "T030471", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:-" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7024", "product": { "name": "Juniper JUNOS ACX7024", "product_id": "T031994", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7024" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-32C", "product": { "name": "Juniper JUNOS ACX7100-32C", "product_id": "T031995", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-32c" } } }, { "category": "product_name", "name": "Juniper JUNOS ACX7100-48L", "product": { "name": "Juniper JUNOS ACX7100-48L", "product_id": "T031996", "product_identification_helper": { "cpe": "cpe:/o:juniper:junos:acx7100-48l" } } } ], "category": "product_name", "name": "JUNOS" }, { "category": "product_name", "name": "Juniper MX Series", "product": { "name": "Juniper MX Series", "product_id": "918766", "product_identification_helper": { "cpe": "cpe:/h:juniper:mx:-" } } }, { "category": "product_name", "name": "Juniper QFX Series 5000", "product": { "name": "Juniper QFX Series 5000", "product_id": "T021597", "product_identification_helper": { "cpe": "cpe:/h:juniper:qfx:qfx5000" } } }, { "category": "product_name", "name": "Juniper SRX Series", "product": { "name": "Juniper SRX Series", "product_id": "T021593", "product_identification_helper": { "cpe": "cpe:/h:juniper:srx_service_gateways:-" } } } ], "category": "vendor", "name": "Juniper" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-2873", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2873" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-2663", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2663" }, { "cve": "CVE-2022-25265", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-25265" }, { "cve": "CVE-2022-23307", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23307" }, { "cve": "CVE-2022-23305", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23305" }, { "cve": "CVE-2022-23302", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-23302" }, { "cve": "CVE-2022-22942", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-22942" }, { "cve": "CVE-2022-2196", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-2196" }, { "cve": "CVE-2022-21699", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-21699" }, { "cve": "CVE-2022-20141", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-20141" }, { "cve": "CVE-2022-1789", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1789" }, { "cve": "CVE-2022-1679", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1679" }, { "cve": "CVE-2022-1462", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-1462" }, { "cve": "CVE-2022-0934", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0934" }, { "cve": "CVE-2022-0330", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-0330" }, { "cve": "CVE-2021-44832", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44832" }, { "cve": "CVE-2021-44790", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44790" }, { "cve": "CVE-2021-44228", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-44228" }, { "cve": "CVE-2021-4155", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-4155" }, { "cve": "CVE-2021-39275", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-39275" }, { "cve": "CVE-2021-3752", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3752" }, { "cve": "CVE-2021-3621", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3621" }, { "cve": "CVE-2021-3573", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3573" }, { "cve": "CVE-2021-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-3564" }, { "cve": "CVE-2021-34798", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-34798" }, { "cve": "CVE-2021-33656", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33656" }, { "cve": "CVE-2021-33655", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-33655" }, { "cve": "CVE-2021-26691", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26691" }, { "cve": "CVE-2021-26341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-26341" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-0920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2021-0920" }, { "cve": "CVE-2020-9493", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-9493" }, { "cve": "CVE-2020-12321", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-12321" }, { "cve": "CVE-2020-0466", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0466" }, { "cve": "CVE-2020-0465", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2020-0465" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2019-17571" }, { "cve": "CVE-2016-2183", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2016-2183" }, { "cve": "CVE-2024-21617", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21617" }, { "cve": "CVE-2024-21616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21616" }, { "cve": "CVE-2024-21614", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21614" }, { "cve": "CVE-2024-21613", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21613" }, { "cve": "CVE-2024-21612", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21612" }, { "cve": "CVE-2024-21611", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21611" }, { "cve": "CVE-2024-21607", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21607" }, { "cve": "CVE-2024-21606", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21606" }, { "cve": "CVE-2024-21604", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21604" }, { "cve": "CVE-2024-21603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21603" }, { "cve": "CVE-2024-21602", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21602" }, { "cve": "CVE-2024-21601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21601" }, { "cve": "CVE-2024-21600", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21600" }, { "cve": "CVE-2024-21599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21599" }, { "cve": "CVE-2024-21597", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21597" }, { "cve": "CVE-2024-21596", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21596" }, { "cve": "CVE-2024-21595", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21595" }, { "cve": "CVE-2024-21594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21594" }, { "cve": "CVE-2024-21591", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21591" }, { "cve": "CVE-2024-21589", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21589" }, { "cve": "CVE-2024-21587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21587" }, { "cve": "CVE-2024-21585", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2024-21585" }, { "cve": "CVE-2023-38802", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38802" }, { "cve": "CVE-2023-38408", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-38408" }, { "cve": "CVE-2023-3817", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3817" }, { "cve": "CVE-2023-36842", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-36842" }, { "cve": "CVE-2023-3446", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3446" }, { "cve": "CVE-2023-3341", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-3341" }, { "cve": "CVE-2023-32360", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32360" }, { "cve": "CVE-2023-32067", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-32067" }, { "cve": "CVE-2023-2828", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2828" }, { "cve": "CVE-2023-2650", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2650" }, { "cve": "CVE-2023-26464", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-26464" }, { "cve": "CVE-2023-24329", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-24329" }, { "cve": "CVE-2023-23920", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23920" }, { "cve": "CVE-2023-23918", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23918" }, { "cve": "CVE-2023-23454", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-23454" }, { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22809" }, { "cve": "CVE-2023-2235", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2235" }, { "cve": "CVE-2023-22081", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22081" }, { "cve": "CVE-2023-22049", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22049" }, { "cve": "CVE-2023-22045", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-22045" }, { "cve": "CVE-2023-21968", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21968" }, { "cve": "CVE-2023-21967", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21967" }, { "cve": "CVE-2023-21954", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21954" }, { "cve": "CVE-2023-2194", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2194" }, { "cve": "CVE-2023-21939", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21939" }, { "cve": "CVE-2023-21938", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21938" }, { "cve": "CVE-2023-21937", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21937" }, { "cve": "CVE-2023-21930", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21930" }, { "cve": "CVE-2023-21843", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21843" }, { "cve": "CVE-2023-21830", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-21830" }, { "cve": "CVE-2023-2124", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-2124" }, { "cve": "CVE-2023-20593", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20593" }, { "cve": "CVE-2023-20569", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-20569" }, { "cve": "CVE-2023-1829", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1829" }, { "cve": "CVE-2023-1582", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1582" }, { "cve": "CVE-2023-1281", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1281" }, { "cve": "CVE-2023-1195", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-1195" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-0461", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0461" }, { "cve": "CVE-2023-0394", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0394" }, { "cve": "CVE-2023-0386", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0386" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0266", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2023-0266" }, { "cve": "CVE-2022-47929", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-47929" }, { "cve": "CVE-2022-43945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43945" }, { "cve": "CVE-2022-4378", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4378" }, { "cve": "CVE-2022-43750", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-43750" }, { "cve": "CVE-2022-42896", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42896" }, { "cve": "CVE-2022-42722", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42722" }, { "cve": "CVE-2022-42721", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42721" }, { "cve": "CVE-2022-42720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42720" }, { "cve": "CVE-2022-42703", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-42703" }, { "cve": "CVE-2022-4269", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4269" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-41974", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41974" }, { "cve": "CVE-2022-41674", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41674" }, { "cve": "CVE-2022-4139", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4139" }, { "cve": "CVE-2022-4129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-4129" }, { "cve": "CVE-2022-41222", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41222" }, { "cve": "CVE-2022-41218", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-41218" }, { "cve": "CVE-2022-39189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39189" }, { "cve": "CVE-2022-39188", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-39188" }, { "cve": "CVE-2022-38023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-38023" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-3707", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3707" }, { "cve": "CVE-2022-3628", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3628" }, { "cve": "CVE-2022-3625", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3625" }, { "cve": "CVE-2022-3623", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3623" }, { "cve": "CVE-2022-3619", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3619" }, { "cve": "CVE-2022-3567", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3567" }, { "cve": "CVE-2022-3566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3566" }, { "cve": "CVE-2022-3564", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3564" }, { "cve": "CVE-2022-3524", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3524" }, { "cve": "CVE-2022-3239", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3239" }, { "cve": "CVE-2022-30594", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-30594" }, { "cve": "CVE-2022-3028", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Die Fehler bestehen aufgrund von unsachgem\u00e4\u00dfen Initialisierungen, nicht willk\u00fcrlichen Schreib- und Use-after-free-Fehlern, bei der \u00dcberpr\u00fcfung von \u00fcberm\u00e4\u00dfig langen DH-Schl\u00fcsseln, unsachgem\u00e4\u00dfen Pufferbeschr\u00e4nkungen, einer Speicher\u00fcberschreitung, einer unsachgem\u00e4\u00dfen Behandlung/Pr\u00fcfung von Ausnahmebedingungen, einem Out-of-bounds-Schreiben und einer unsachgem\u00e4\u00dfen Validierung der syntaktischen Korrektheit der Eingabe. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und seine Privilegien zu erweitern. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erh\u00f6hte Privilegien." } ], "product_status": { "known_affected": [ "T030475", "T031995", "T030476", "T031994", "T031997", "T031996", "918766", "T030471", "T021598", "T018886", "T021597", "T019811", "T023853", "T021593" ] }, "release_date": "2024-01-10T23:00:00Z", "title": "CVE-2022-3028" } ] }
WID-SEC-W-2023-0407
Vulnerability from csaf_certbund
Published
2023-02-16 23:00
Modified
2023-05-29 22:00
Summary
Mozilla Thunderbird: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Thunderbird ist ein Open Source E-Mail Client.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Thunderbird ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Informationen falsch darzustellen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Thunderbird ist ein Open Source E-Mail Client.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Thunderbird ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Informationen falsch darzustellen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0407 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0407.json" }, { "category": "self", "summary": "WID-SEC-2023-0407 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0407" }, { "category": "external", "summary": "Gentoo Linux Security Advisory GLSA-202305-36 vom 2023-05-30", "url": "https://security.gentoo.org/glsa/202305-36" }, { "category": "external", "summary": "NetApp Security Advisory NTAP-20230324-0008 vom 2023-03-24", "url": "https://security.netapp.com/advisory/ntap-20230324-0008/" }, { "category": "external", "summary": "XEROX Security Advisory XRX23-002 vom 2023-03-23", "url": "https://security.business.xerox.com/wp-content/uploads/2023/03/Xerox-Security-Bulletin-XRX23-002-FreeFlow-Print-Server-v2_Windows10.pdf" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5943-1 vom 2023-03-13", "url": "https://ubuntu.com/security/notices/USN-5943-1" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS2-2023-1983 vom 2023-03-07", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1983.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0599-1 vom 2023-03-02", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013965.html" }, { "category": "external", "summary": "Mozilla Foundation Security Advisory 2023-07 vom 2023-02-16", "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2023:0443-1 vom 2023-02-17", "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013833.html" }, { "category": "external", "summary": "Debian Security Advisory DSA-5355 vom 2023-02-19", "url": "https://www.debian.org/security/2023/dsa-5355" }, { "category": "external", "summary": "Debian Security Advisory DSA-5353 vom 2023-02-18", "url": "https://www.debian.org/security/2023/dsa-5353" }, { "category": "external", "summary": "Debian Security Advisory DLA-3324 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-3327 vom 2023-02-20", "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0824 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0824.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0821 vom 2023-02-20", "url": "https://linux.oracle.com/errata/ELSA-2023-0821.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-0817 vom 2023-02-21", "url": "https://linux.oracle.com/errata/ELSA-2023-0817.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0824 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0823 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0822 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0821 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0820 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0819 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0818 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0817 vom 2023-02-20", "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "category": "external", "summary": "CentOS Security Advisory CESA-2023:0817 vom 2023-02-22", "url": "https://lists.centos.org/pipermail/centos-announce/2023-February/086375.html" } ], "source_lang": "en-US", "title": "Mozilla Thunderbird: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-05-29T22:00:00.000+00:00", "generator": { "date": "2024-02-15T17:14:44.273+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0407", "initial_release_date": "2023-02-16T23:00:00.000+00:00", "revision_history": [ { "date": "2023-02-16T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-19T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE, Debian und Fedora aufgenommen" }, { "date": "2023-02-20T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Debian, Oracle Linux und Red Hat aufgenommen" }, { "date": "2023-02-22T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von CentOS aufgenommen" }, { "date": "2023-03-02T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2023-03-06T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2023-03-12T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates von XEROX aufgenommen" }, { "date": "2023-03-26T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von NetApp aufgenommen" }, { "date": "2023-05-29T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Gentoo aufgenommen" } ], "status": "final", "version": "10" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "Gentoo Linux", "product": { "name": "Gentoo Linux", "product_id": "T012167", "product_identification_helper": { "cpe": "cpe:/o:gentoo:linux:-" } } } ], "category": "vendor", "name": "Gentoo" }, { "branches": [ { "category": "product_name", "name": "Mozilla Thunderbird \u003c 102.8", "product": { "name": "Mozilla Thunderbird \u003c 102.8", "product_id": "T026405", "product_identification_helper": { "cpe": "cpe:/a:mozilla:thunderbird:102.8" } } } ], "category": "vendor", "name": "Mozilla" }, { "branches": [ { "category": "product_name", "name": "NetApp ActiveIQ Unified Manager", "product": { "name": "NetApp ActiveIQ Unified Manager", "product_id": "658714", "product_identification_helper": { "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~" } } } ], "category": "vendor", "name": "NetApp" }, { "branches": [ { "category": "product_name", "name": "Open Source CentOS", "product": { "name": "Open Source CentOS", "product_id": "1727", "product_identification_helper": { "cpe": "cpe:/o:centos:centos:-" } } } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" }, { "branches": [ { "category": "product_name", "name": "Xerox FreeFlow Print Server v2", "product": { "name": "Xerox FreeFlow Print Server v2", "product_id": "T014888", "product_identification_helper": { "cpe": "cpe:/a:xerox:freeflow_print_server:v2" } } } ], "category": "vendor", "name": "Xerox" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0616", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-0616" }, { "cve": "CVE-2023-0767", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-0767" }, { "cve": "CVE-2023-25728", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25728" }, { "cve": "CVE-2023-25729", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25729" }, { "cve": "CVE-2023-25730", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25730" }, { "cve": "CVE-2023-25732", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25732" }, { "cve": "CVE-2023-25734", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25734" }, { "cve": "CVE-2023-25735", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25735" }, { "cve": "CVE-2023-25737", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25737" }, { "cve": "CVE-2023-25738", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25738" }, { "cve": "CVE-2023-25739", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25739" }, { "cve": "CVE-2023-25742", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25742" }, { "cve": "CVE-2023-25746", "notes": [ { "category": "description", "text": "In Mozilla Thunderbird existieren mehrere Schwachstellen. Zu den Ursachen geh\u00f6ren verschiedene Fehler in der Speicherverwaltung und Richtlinienbehandlung sowie fehlende Warnungen. Infolgedessen kann ein Angreifer Code ausf\u00fchren, Sicherheitsmechanismen umgehen, falsche Informationen darstellen, Informationen offenlegen und einen Denial-of-Service-Zustand verursachen. Die erfolgreiche Ausnutzung dieser Schwachstellen erfordert eine Benutzerinteraktion." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T014888", "398363", "T012167", "658714", "1727", "T004914" ] }, "release_date": "2023-02-16T23:00:00Z", "title": "CVE-2023-25746" } ] }
gsd-2023-0767
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2023-0767", "id": "GSD-2023-0767", "references": [ "https://www.debian.org/security/2023/dsa-5350", "https://www.debian.org/security/2023/dsa-5353", "https://www.debian.org/security/2023/dsa-5355", "https://advisories.mageia.org/CVE-2023-0767.html", "https://access.redhat.com/errata/RHSA-2023:0805", "https://access.redhat.com/errata/RHSA-2023:0806", "https://access.redhat.com/errata/RHSA-2023:0807", "https://access.redhat.com/errata/RHSA-2023:0808", "https://access.redhat.com/errata/RHSA-2023:0809", "https://access.redhat.com/errata/RHSA-2023:0810", "https://access.redhat.com/errata/RHSA-2023:0811", "https://access.redhat.com/errata/RHSA-2023:0812", "https://access.redhat.com/errata/RHSA-2023:0817", "https://access.redhat.com/errata/RHSA-2023:0818", "https://access.redhat.com/errata/RHSA-2023:0819", "https://access.redhat.com/errata/RHSA-2023:0820", "https://access.redhat.com/errata/RHSA-2023:0821", "https://access.redhat.com/errata/RHSA-2023:0822", "https://access.redhat.com/errata/RHSA-2023:0823", "https://access.redhat.com/errata/RHSA-2023:0824", "https://www.suse.com/security/cve/CVE-2023-0767.html", "https://ubuntu.com/security/CVE-2023-0767" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2023-0767" ], "details": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.", "id": "GSD-2023-0767", "modified": "2023-12-13T01:20:22.866579Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2023-0767", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Firefox", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "110" } ] } }, { "product_name": "Thunderbird", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "102.8" } ] } }, { "product_name": "Firefox ESR", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "102.8" } ] } } ] }, "vendor_name": "Mozilla" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Arbitrary memory write via PKCS 12 in NSS" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "refsource": "MISC", "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "name": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html", "refsource": "MISC", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "102.8", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "102.8", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "110.0", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@mozilla.org", "ID": "CVE-2023-0767" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640", "refsource": "MISC", "tags": [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "name": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "name": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html", "refsource": "MISC", "tags": [ "Product" ], "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } }, "lastModifiedDate": "2023-08-02T16:45Z", "publishedDate": "2023-06-02T17:15Z" } } }
ghsa-687w-wqw8-qq8j
Vulnerability from github
Published
2023-06-02 18:30
Modified
2024-04-04 04:29
Severity ?
Details
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
{ "affected": [], "aliases": [ "CVE-2023-0767" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-06-02T17:15:10Z", "severity": "HIGH" }, "details": "An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox \u003c 110, Thunderbird \u003c 102.8, and Firefox ESR \u003c 102.8.", "id": "GHSA-687w-wqw8-qq8j", "modified": "2024-04-04T04:29:20Z", "published": "2023-06-02T18:30:18Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0767" }, { "type": "WEB", "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "type": "WEB", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-05" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-06" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-07" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.