Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-28219 (GCVE-0-2024-28219)
Vulnerability from cvelistv5 – Published: 2024-04-03 00:00 – Updated: 2025-11-04 18:30
VLAI
EPSS
Summary
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
Severity
6.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-680 - Integer Overflow to Buffer Overflow
Assigner
References
4 references
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| fedoraproject | fedora |
Affected:
39
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* |
|
| python | pillow |
Affected:
0 , < 10.3.0
(custom)
cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:* |
|
| debian | debian_linux |
Affected:
10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:30:27.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security"
},
{
"name": "FEDORA-2024-e4b1b4eab1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/"
},
{
"name": "[debian-lts-announce] 20240410 [SECURITY] [DLA 3786-1] pillow security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fedora",
"vendor": "fedoraproject",
"versions": [
{
"status": "affected",
"version": "39"
}
]
},
{
"cpes": [
"cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pillow",
"vendor": "python",
"versions": [
{
"lessThan": "10.3.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "debian_linux",
"vendor": "debian",
"versions": [
{
"status": "affected",
"version": "10.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T18:09:55.017027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-680",
"description": "CWE-680 Integer Overflow to Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T19:27:26.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:R",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T22:05:51.052Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security"
},
{
"name": "FEDORA-2024-e4b1b4eab1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/"
},
{
"name": "[debian-lts-announce] 20240410 [SECURITY] [DLA 3786-1] pillow security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28219",
"datePublished": "2024-04-03T00:00:00.000Z",
"dateReserved": "2024-03-07T00:00:00.000Z",
"dateUpdated": "2025-11-04T18:30:27.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-28219",
"date": "2026-06-15",
"epss": "0.00989",
"percentile": "0.57781"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.\"}, {\"lang\": \"es\", \"value\": \"En _imagingcms.c en Pillow anterior a 10.3.0, existe un desbordamiento del b\\u00fafer porque se usa strcpy en lugar de strncpy.\"}]",
"id": "CVE-2024-28219",
"lastModified": "2024-11-21T09:06:02.270",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"cve@mitre.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}]}",
"published": "2024-04-03T03:15:09.710",
"references": "[{\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-680\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-28219\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-04-03T03:15:09.710\",\"lastModified\":\"2025-11-04T19:17:05.253\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.\"},{\"lang\":\"es\",\"value\":\"En _imagingcms.c en Pillow anterior a 10.3.0, existe un desbordamiento del b\u00fafer porque se usa strcpy en lugar de strncpy.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-680\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.3.0\",\"matchCriteriaId\":\"46F24DFD-7DF3-475C-8824-AA2585F09A7E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\", \"name\": \"FEDORA-2024-e4b1b4eab1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\", \"name\": \"[debian-lts-announce] 20240410 [SECURITY] [DLA 3786-1] pillow security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:48:49.828Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-28219\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-03T18:09:55.017027Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\"], \"vendor\": \"fedoraproject\", \"product\": \"fedora\", \"versions\": [{\"status\": \"affected\", \"version\": \"39\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*\"], \"vendor\": \"python\", \"product\": \"pillow\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"10.3.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\"], \"vendor\": \"debian\", \"product\": \"debian_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.0\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-680\", \"description\": \"CWE-680 Integer Overflow to Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-20T19:25:05.146Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AC:H/AV:L/A:H/C:H/I:H/PR:L/S:U/UI:R\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html#security\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLPUT3VK4GQ6EVY525TT2QNUIXNRU5M/\", \"name\": \"FEDORA-2024-e4b1b4eab1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html\", \"name\": \"[debian-lts-announce] 20240410 [SECURITY] [DLA 3786-1] pillow security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-04-10T22:05:51.052095\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-28219\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-20T19:27:26.783Z\", \"dateReserved\": \"2024-03-07T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-04-03T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024_4227
Vulnerability from csaf_redhat - Published: 2024-07-02 15:26 - Updated: 2024-11-13 21:11Summary
Red Hat Security Advisory: python-pillow security update
Severity
Moderate
Notes
Topic: An update for python-pillow is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.
Security Fix(es):
* python-pillow: buffer overflow in _imagingcms.c (CVE-2024-28219)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-pillow is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities.\n\nSecurity Fix(es):\n\n* python-pillow: buffer overflow in _imagingcms.c (CVE-2024-28219)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4227",
"url": "https://access.redhat.com/errata/RHSA-2024:4227"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2272563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272563"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4227.json"
}
],
"title": "Red Hat Security Advisory: python-pillow security update",
"tracking": {
"current_release_date": "2024-11-13T21:11:18+00:00",
"generator": {
"date": "2024-11-13T21:11:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2024:4227",
"initial_release_date": "2024-07-02T15:26:34+00:00",
"revision_history": [
{
"date": "2024-07-02T15:26:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-02T15:26:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T21:11:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-pillow-0:5.1.1-21.el8_10.src",
"product": {
"name": "python-pillow-0:5.1.1-21.el8_10.src",
"product_id": "python-pillow-0:5.1.1-21.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@5.1.1-21.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python3-pillow-0:5.1.1-21.el8_10.aarch64",
"product_id": "python3-pillow-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"product_id": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_id": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debuginfo@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_id": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-debuginfo@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_id": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk-debuginfo@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"product_id": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-devel@5.1.1-21.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"product": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"product_id": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk@5.1.1-21.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debuginfo@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-debuginfo@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk-debuginfo@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-devel@5.1.1-21.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"product": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"product_id": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk@5.1.1-21.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python3-pillow-0:5.1.1-21.el8_10.x86_64",
"product_id": "python3-pillow-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"product_id": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_id": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debuginfo@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_id": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-debuginfo@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_id": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk-debuginfo@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"product_id": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-devel@5.1.1-21.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"product": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"product_id": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk@5.1.1-21.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python3-pillow-0:5.1.1-21.el8_10.s390x",
"product_id": "python3-pillow-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"product_id": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_id": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debuginfo@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_id": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-debuginfo@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_id": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk-debuginfo@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"product_id": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-devel@5.1.1-21.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"product": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"product_id": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk@5.1.1-21.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python3-pillow-0:5.1.1-21.el8_10.i686",
"product_id": "python3-pillow-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow@5.1.1-21.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"product_id": "python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-devel@5.1.1-21.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"product_id": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@5.1.1-21.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product_id": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debuginfo@5.1.1-21.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product_id": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-debuginfo@5.1.1-21.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"product": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"product_id": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-tk-debuginfo@5.1.1-21.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"product": {
"name": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"product_id": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pillow-doc@5.1.1-21.el8_10?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:5.1.1-21.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src"
},
"product_reference": "python-pillow-0:5.1.1-21.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch"
},
"product_reference": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:5.1.1-21.el8_10.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src"
},
"product_reference": "python-pillow-0:5.1.1-21.el8_10.src",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch"
},
"product_reference": "python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
},
"product_reference": "python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2024-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272563"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: buffer overflow in _imagingcms.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered when the ImageCms.buildTransform function is called with the InMode or OutMode arguments with a string larger than 8 bytes. An application is not vulnerable if these parameters are not controlled by the user or are validated before the function is called. Additionally, the Pillow ImageCms module functions should not be exposed to untrusted usage without input validation. For this reason, this flaw has been rated with a moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "RHBZ#2272563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272563"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28219"
}
],
"release_date": "2024-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-02T15:26:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4227"
},
{
"category": "workaround",
"details": "Make sure the ImageCms.buildTransform function is not called with the InMode or OutMode arguments with a string bigger than 8 bytes.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-0:5.1.1-21.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python-pillow-debugsource-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-debuginfo-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-devel-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-doc-0:5.1.1-21.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-0:5.1.1-21.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:python3-pillow-tk-debuginfo-0:5.1.1-21.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pillow: buffer overflow in _imagingcms.c"
}
]
}
RHSA-2024_5662
Vulnerability from csaf_redhat - Published: 2024-08-20 20:33 - Updated: 2024-12-17 20:59Summary
Red Hat Security Advisory: Satellite 6.15.3 Security Update
Severity
Moderate
Notes
Topic: An update is now available for Red Hat Satellite 6.15 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Django. When used with very long strings, the intcomma template filter was subject to a potential denial of service attack.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Vendor Fix
fix
|
Known not affected
121 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src | — |
Threats
Impact
Moderate
A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. When using "web.static(..., show_index=True)", the resulting index pages do not escape file names. If users can upload files with arbitrary filenames to the static directory, the server is vulnerable to cross-site scripting (XSS) attacks.
6.1 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Vendor Fix
fix
|
Known not affected
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src | — |
Threats
Impact
Moderate
An inefficient regular expression complexity flaw was found in the Truncator.words function and truncatewords_html filter of Django. This issue may allow an attacker to use a suitably crafted string to cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Vendor Fix
fix
|
Known not affected
121 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch | — | ||
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src | — |
Threats
Impact
Moderate
A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service.
6.5 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
117 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src | — |
Workaround
|
Threats
Impact
Moderate
Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `>`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.
5.4 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
121 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src | — |
Workaround
|
Threats
Impact
Moderate
References
42 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.15 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5662",
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "2261856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261856"
},
{
"category": "external",
"summary": "2266045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266045"
},
{
"category": "external",
"summary": "2272563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272563"
},
{
"category": "external",
"summary": "2275989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275989"
},
{
"category": "external",
"summary": "2279476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279476"
},
{
"category": "external",
"summary": "SAT-25063",
"url": "https://issues.redhat.com/browse/SAT-25063"
},
{
"category": "external",
"summary": "SAT-25522",
"url": "https://issues.redhat.com/browse/SAT-25522"
},
{
"category": "external",
"summary": "SAT-26450",
"url": "https://issues.redhat.com/browse/SAT-26450"
},
{
"category": "external",
"summary": "SAT-26452",
"url": "https://issues.redhat.com/browse/SAT-26452"
},
{
"category": "external",
"summary": "SAT-26453",
"url": "https://issues.redhat.com/browse/SAT-26453"
},
{
"category": "external",
"summary": "SAT-26454",
"url": "https://issues.redhat.com/browse/SAT-26454"
},
{
"category": "external",
"summary": "SAT-26456",
"url": "https://issues.redhat.com/browse/SAT-26456"
},
{
"category": "external",
"summary": "SAT-26458",
"url": "https://issues.redhat.com/browse/SAT-26458"
},
{
"category": "external",
"summary": "SAT-26459",
"url": "https://issues.redhat.com/browse/SAT-26459"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5662.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.15.3 Security Update",
"tracking": {
"current_release_date": "2024-12-17T20:59:13+00:00",
"generator": {
"date": "2024-12-17T20:59:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:5662",
"initial_release_date": "2024-08-20T20:33:03+00:00",
"revision_history": [
{
"date": "2024-08-20T20:33:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-20T20:33:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T20:59:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.9-1.el8sat.src",
"product": {
"name": "foreman-0:3.9.1.9-1.el8sat.src",
"product_id": "foreman-0:3.9.1.9-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.9-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.9.3.3-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.src",
"product_id": "foreman-installer-1:3.9.3.3-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.9.3.3-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "libcomps-0:0.1.21-1.el8pc.src",
"product": {
"name": "libcomps-0:0.1.21-1.el8pc.src",
"product_id": "libcomps-0:0.1.21-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcomps@0.1.21-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-aiohttp-0:3.9.4-1.el8pc.src",
"product": {
"name": "python-aiohttp-0:3.9.4-1.el8pc.src",
"product_id": "python-aiohttp-0:3.9.4-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-aiohttp@3.9.4-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.23.4-1.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.23.4-1.el8pc.src",
"product_id": "python-pulp-rpm-0:3.23.4-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.23.4-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.src",
"product_id": "rubygem-katello-0:4.11.0.16-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.16-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.3-1.el8sat.src",
"product": {
"name": "satellite-0:6.15.3-1.el8sat.src",
"product_id": "satellite-0:6.15.3-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.3-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.15.0-1.src",
"product": {
"name": "satellite-lifecycle-0:6.15.0-1.src",
"product_id": "satellite-lifecycle-0:6.15.0-1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.15.0-1?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-django-0:4.2.14-1.el8pc.src",
"product": {
"name": "python-django-0:4.2.14-1.el8pc.src",
"product_id": "python-django-0:4.2.14-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django@4.2.14-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jinja2-0:3.1.4-1.el8pc.src",
"product": {
"name": "python-jinja2-0:3.1.4-1.el8pc.src",
"product_id": "python-jinja2-0:3.1.4-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jinja2@3.1.4-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pillow-0:10.3.0-1.el8pc.src",
"product": {
"name": "python-pillow-0:10.3.0-1.el8pc.src",
"product_id": "python-pillow-0:10.3.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow@10.3.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-ansible-1:0.20.8-1.el8pc.src",
"product": {
"name": "python-pulp-ansible-1:0.20.8-1.el8pc.src",
"product_id": "python-pulp-ansible-1:0.20.8-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-ansible@0.20.8-1.el8pc?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"product": {
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"product_id": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_ansible@13.0.7-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"product": {
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"product_id": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.2.5-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.9.1.9-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.9.3.3-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.9.3.3-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"product": {
"name": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"product_id": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-rpm@3.23.4-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.11.0.16-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.3-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.15.3-1.el8sat.noarch",
"product_id": "satellite-0:6.15.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.3-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.15.3-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.15.3-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.15.3-1.el8sat.noarch",
"product_id": "satellite-common-0:6.15.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.15.3-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.15.3-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-lifecycle-0:6.15.0-1.noarch",
"product": {
"name": "satellite-lifecycle-0:6.15.0-1.noarch",
"product_id": "satellite-lifecycle-0:6.15.0-1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-lifecycle@6.15.0-1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-django-0:4.2.14-1.el8pc.noarch",
"product": {
"name": "python3.11-django-0:4.2.14-1.el8pc.noarch",
"product_id": "python3.11-django-0:4.2.14-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-django@4.2.14-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"product": {
"name": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"product_id": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-jinja2@3.1.4-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"product": {
"name": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"product_id": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pulp-ansible@0.20.8-1.el8pc?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"product_id": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_ansible@13.0.7-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"product_id": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_theme_satellite@13.2.5-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libcomps-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "libcomps-0:0.1.21-1.el8pc.x86_64",
"product_id": "libcomps-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcomps@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"product_id": "python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libcomps@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"product_id": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-libcomps@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"product_id": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcomps-debugsource@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_id": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libcomps-debuginfo@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_id": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libcomps-debuginfo@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product": {
"name": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_id": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-libcomps-debuginfo@0.1.21-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"product": {
"name": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"product_id": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-aiohttp@3.9.4-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"product": {
"name": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"product_id": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-aiohttp-debugsource@3.9.4-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"product": {
"name": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"product_id": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-aiohttp-debuginfo@3.9.4-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"product_id": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow@10.3.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"product": {
"name": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"product_id": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pillow-debugsource@10.3.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"product": {
"name": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"product_id": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo@10.3.0-1.el8pc?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.9.3.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-0:0.1.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src"
},
"product_reference": "libcomps-0:0.1.21-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-aiohttp-0:3.9.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src"
},
"product_reference": "python-aiohttp-0:3.9.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.14-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src"
},
"product_reference": "python-django-0:4.2.14-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jinja2-0:3.1.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src"
},
"product_reference": "python-jinja2-0:3.1.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:10.3.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src"
},
"product_reference": "python-pillow-0:10.3.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.23.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.23.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-0:4.2.14-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch"
},
"product_reference": "python3.11-django-0:4.2.14-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch"
},
"product_reference": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.9-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.9-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.9.3.3-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.9.3.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-0:0.1.21-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src"
},
"product_reference": "libcomps-0:0.1.21-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-aiohttp-0:3.9.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src"
},
"product_reference": "python-aiohttp-0:3.9.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-0:4.2.14-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src"
},
"product_reference": "python-django-0:4.2.14-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jinja2-0:3.1.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src"
},
"product_reference": "python-jinja2-0:3.1.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-0:10.3.0-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src"
},
"product_reference": "python-pillow-0:10.3.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-ansible-1:0.20.8-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src"
},
"product_reference": "python-pulp-ansible-1:0.20.8-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.23.4-1.el8pc.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.23.4-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64"
},
"product_reference": "python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-django-0:4.2.14-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch"
},
"product_reference": "python3.11-django-0:4.2.14-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch"
},
"product_reference": "python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64"
},
"product_reference": "python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64"
},
"product_reference": "python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch"
},
"product_reference": "python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src"
},
"product_reference": "rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src"
},
"product_reference": "rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.11.0.16-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.11.0.16-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.3-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.3-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.3-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.3-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.15.0-1.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch"
},
"product_reference": "satellite-lifecycle-0:6.15.0-1.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-lifecycle-0:6.15.0-1.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
},
"product_reference": "satellite-lifecycle-0:6.15.0-1.src",
"relates_to_product_reference": "8Base-satellite-6.15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24680",
"discovery_date": "2024-01-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2261856"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Django. When used with very long strings, the intcomma template filter was subject to a potential denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: denial-of-service in ``intcomma`` template filter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24680"
},
{
"category": "external",
"summary": "RHBZ#2261856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24680"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-xxj9-f6rv-m3x4",
"url": "https://github.com/advisories/GHSA-xxj9-f6rv-m3x4"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/feb/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/feb/06/security-releases/"
}
],
"release_date": "2024-02-06T15:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-20T20:33:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Django: denial-of-service in ``intcomma`` template filter"
},
{
"cve": "CVE-2024-27306",
"cwe": {
"id": "CWE-80",
"name": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
},
"discovery_date": "2024-04-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275989"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. When using \"web.static(..., show_index=True)\", the resulting index pages do not escape file names. If users can upload files with arbitrary filenames to the static directory, the server is vulnerable to cross-site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: XSS on index pages for static file handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27306"
},
{
"category": "external",
"summary": "RHBZ#2275989",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275989"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27306",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27306"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27306",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27306"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-20T20:33:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "aiohttp: XSS on index pages for static file handling"
},
{
"cve": "CVE-2024-27351",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-02-26T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2266045"
}
],
"notes": [
{
"category": "description",
"text": "An inefficient regular expression complexity flaw was found in the Truncator.words function and truncatewords_html filter of Django. This issue may allow an attacker to use a suitably crafted string to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-27351"
},
{
"category": "external",
"summary": "RHBZ#2266045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266045"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-27351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-27351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27351"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/mar/04/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/mar/04/security-releases/"
}
],
"release_date": "2024-03-04T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-20T20:33:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()"
},
{
"cve": "CVE-2024-28219",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2024-04-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272563"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-pillow: buffer overflow in _imagingcms.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw can be triggered when the ImageCms.buildTransform function is called with the InMode or OutMode arguments with a string larger than 8 bytes. An application is not vulnerable if these parameters are not controlled by the user or are validated before the function is called. Additionally, the Pillow ImageCms module functions should not be exposed to untrusted usage without input validation. For this reason, this flaw has been rated with a moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "RHBZ#2272563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272563"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28219"
}
],
"release_date": "2024-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-20T20:33:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
},
{
"category": "workaround",
"details": "Make sure the ImageCms.buildTransform function is not called with the InMode or OutMode arguments with a string bigger than 8 bytes.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-pillow: buffer overflow in _imagingcms.c"
},
{
"cve": "CVE-2024-34064",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-05-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279476"
}
],
"notes": [
{
"category": "description",
"text": "Jinja is an extensible templating engine. The `xmlattr` filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, `/`, `\u003e`, or `=`, as each would then be interpreted as starting a separate attribute. If an application accepts keys (as opposed to only values) as user input, and renders these in pages that other users see as well, an attacker could use this to inject other attributes and perform XSS. The fix for CVE-2024-22195 only addressed spaces but not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe. This vulnerability is fixed in 3.1.4.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: accepts keys containing non-attribute characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The fix for CVE-2024-22195 only addressed spaces, not other characters. Accepting keys as user input is now explicitly considered an unintended use case of the `xmlattr` filter, and code that does so without otherwise validating the input should be flagged as insecure, regardless of Jinja version. Accepting _values_ as user input continues to be safe.\n\nFence agents on RHEL 8 has been fixed as a part of https://access.redhat.com/errata/RHBA-2024:4238",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34064"
},
{
"category": "external",
"summary": "RHBZ#2279476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34064",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34064"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj"
}
],
"release_date": "2024-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-20T20:33:03+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index",
"product_ids": [
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
},
{
"category": "workaround",
"details": "Do not accept user input as keys to the xmlattr filter without validation. See the statement above for more information.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15-capsule:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15-capsule:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15-capsule:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15-capsule:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.9-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-installer-1:3.9.3.3-1.el8sat.src",
"8Base-satellite-6.15:foreman-installer-katello-1:3.9.3.3-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.9-1.el8sat.noarch",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.src",
"8Base-satellite-6.15:libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:libcomps-debugsource-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python-aiohttp-0:3.9.4-1.el8pc.src",
"8Base-satellite-6.15:python-aiohttp-debugsource-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python-django-0:4.2.14-1.el8pc.src",
"8Base-satellite-6.15:python-jinja2-0:3.1.4-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-0:10.3.0-1.el8pc.src",
"8Base-satellite-6.15:python-pillow-debugsource-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python-pulp-ansible-1:0.20.8-1.el8pc.src",
"8Base-satellite-6.15:python-pulp-rpm-0:3.23.4-1.el8pc.src",
"8Base-satellite-6.15:python3-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-aiohttp-debuginfo-0:3.9.4-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-django-0:4.2.14-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-jinja2-0:3.1.4-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-libcomps-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-libcomps-debuginfo-0:0.1.21-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pillow-debuginfo-0:10.3.0-1.el8pc.x86_64",
"8Base-satellite-6.15:python3.11-pulp-ansible-1:0.20.8-1.el8pc.noarch",
"8Base-satellite-6.15:python3.11-pulp-rpm-0:3.23.4-1.el8pc.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_ansible-0:13.0.7-1.el8sat.src",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-foreman_theme_satellite-0:13.2.5-1.el8sat.src",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-katello-0:4.11.0.16-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.3-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.3-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.noarch",
"8Base-satellite-6.15:satellite-lifecycle-0:6.15.0-1.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jinja2: accepts keys containing non-attribute characters"
}
]
}
SEVD-2025-189-03
Vulnerability from csaf_se - Published: 2025-07-08 04:00 - Updated: 2026-02-10 08:00Summary
EcoStruxure™ Power Operation
Notes
General Security Recommendations: We strongly recommend the following industry cybersecurity best practices.
https://www.se.com/us/en/download/document/7EN52-0390/
* Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.
* Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.
* Place all controllers in locked cabinets and never leave them in the “Program” mode.
* Never connect programming software to any network other than the network intended for that device.
* Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks.
* Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.
* Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet.
* When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.
For more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document.
For More Information: This document provides an overview of the identified vulnerability or vulnerabilities and actions required to mitigate. For more details and assistance on how to protect your installation, contact your local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services: https://www.se.com/ww/en/work/solutions/cybersecurity/. These organizations will be fully aware of this situation and can support you through the process.
For further information related to cybersecurity in Schneider Electric’s products, visit the company’s cybersecurity support portal page: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp
LEGAL DISCLAIMER: THIS NOTIFICATION DOCUMENT, THE INFORMATION CONTAINED HEREIN, AND ANY MATERIALS LINKED FROM IT (COLLECTIVELY, THIS “NOTIFICATION”) ARE INTENDED TO HELP PROVIDE AN OVERVIEW OF THE IDENTIFIED SITUATION AND SUGGESTED MITIGATION ACTIONS, REMEDIATION, FIX, AND/OR GENERAL SECURITY RECOMMENDATIONS AND IS PROVIDED ON AN “AS-IS” BASIS WITHOUT WARRANTY OR GUARANTEE OF ANY KIND. SCHNEIDER ELECTRIC DISCLAIMS ALL WARRANTIES RELATING TO THIS NOTIFICATION, EITHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SCHNEIDER ELECTRIC MAKES NO WARRANTY THAT THE NOTIFICATION WILL RESOLVE THE IDENTIFIED SITUATION. IN NO EVENT SHALL SCHNEIDER ELECTRIC BE LIABLE FOR ANY DAMAGES OR LOSSES WHATSOEVER IN CONNECTION WITH THIS NOTIFICATION, INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SCHNEIDER ELECTRIC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS NOTIFICATION IS AT YOUR OWN RISK, AND YOU ARE SOLELY LIABLE FOR ANY DAMAGES TO YOUR SYSTEMS OR ASSETS OR OTHER LOSSES THAT MAY RESULT FROM YOUR USE OF THIS NOTIFICATION. SCHNEIDER ELECTRIC RESERVES THE RIGHT TO UPDATE OR CHANGE THIS NOTIFICATION AT ANY TIME AND IN ITS SOLE DISCRETION
About Schneider Electric: Schneider's purpose is to create Impact by empowering all to make the most of our energy and resources, bridging progress and
sustainability for all. We call this Life Is On.
Our mission is to be the trusted partner in Sustainability and Efficiency.
We are a global industrial technology leader bringing world-leading expertise in electrification, automation and digitization to smart
industries, resilient infrastructure, future-proof data centers, intelligent buildings, and intuitive homes. Anchored by our deep
domain expertise, we provide integrated end-to-end lifecycle AI enabled Industrial IoT solutions with connected products, automation,
software and services, delivering digital twins to enable profitable growth for our customers.
We are a people company with an ecosystem of 150,000 colleagues and more than a million partners operating in over 100 countries
to ensure proximity to our customers and stakeholders. We embrace diversity and inclusion in everything we do, guided by our
meaningful purpose of a sustainable future for all.
www.se.com
Overview: Schneider Electric is aware of multiple vulnerabilities disclosed in PostgreSQL.
Many vendors, including Schneider Electric, use PostgreSQL in their offers. PostgreSQL is a
database server that is used as a data store for multiple products.
Schneider Electric installs a version of PostgreSQL with its EcoStruxure™ Power Operation https://www.se.com/us/en/product-range/65405-ecostruxure-power-operation/?parent-subcategory-id=59326966&filter=business-4-low-voltage-products-and-systems#overview software.
EcoStruxure™ Power Operation (EPO) is an on-premises software offer that provides a single
platform to monitor and control medium and lower power systems.
Failure to apply the remediations and mitigations below could result in loss of system
functionality or unauthorized access to system functions.
Customers should use appropriate patching methodologies when applying these patches to their systems. We strongly recommend the use of back-ups and evaluating the impact of these patches in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric’s Customer Care Center if you need assistance removing a patch.
Vulnerability Details: A number of transitive vulnerabilities in PostgreSQL pgadmin tool could impact EcoStruxure™ Power Operation software. Please refer to the following CVEs:
• CVE-2023-50447
• CVE-2024-28219
• CVE-2022-45198
• CVE-2023-5217
• CVE-2023-35945
• CVE-2023-44487
Additional information about these vulnerabilities can be found on https://www.cve.org/
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
8.1 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
6.7 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
8.8 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation 2024 CU2
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2024 CU2 | ||
|
EcoStruxure™ Power Operation 2022 CU7
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
2022 CU7 |
Known affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
EcoStruxure™ Power Operation (EPO) 2022 CU6 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2022 CU6 |
Vendor Fix
fix
|
|
|
EcoStruxure™ Power Operation (EPO) 2024 CU1 and prior
Schneider Electric / EcoStruxure™ Power Operation (EPO)
|
vers:generic/<=2024 CU1 |
Vendor Fix
fix
|
References
3 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "We strongly recommend the following industry cybersecurity best practices.\n\nhttps://www.se.com/us/en/download/document/7EN52-0390/\n* Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network.\n* Install physical controls so no unauthorized personnel can access your industrial control and safety systems, components, peripheral equipment, and networks.\n* Place all controllers in locked cabinets and never leave them in the \u201cProgram\u201d mode.\n* Never connect programming software to any network other than the network intended for that device.\n* Scan all methods of mobile data exchange with the isolated network such as CDs, USB drives, etc. before use in the terminals or any node connected to these networks.\n* Never allow mobile devices that have connected to any other network besides the intended network to connect to the safety or control networks without proper sanitation.\n* Minimize network exposure for all control system devices and systems and ensure that they are not accessible from the Internet.\n* When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.\n\nFor more information refer to the Schneider Electric Recommended Cybersecurity Best Practices document.",
"title": "General Security Recommendations"
},
{
"category": "general",
"text": "This document provides an overview of the identified vulnerability or vulnerabilities and actions required to mitigate. For more details and assistance on how to protect your installation, contact your local Schneider Electric representative or Schneider Electric Industrial Cybersecurity Services: https://www.se.com/ww/en/work/solutions/cybersecurity/. These organizations will be fully aware of this situation and can support you through the process.\nFor further information related to cybersecurity in Schneider Electric\u2019s products, visit the company\u2019s cybersecurity support portal page: https://www.se.com/ww/en/work/support/cybersecurity/overview.jsp",
"title": "For More Information"
},
{
"category": "legal_disclaimer",
"text": "THIS NOTIFICATION DOCUMENT, THE INFORMATION CONTAINED HEREIN, AND ANY MATERIALS LINKED FROM IT (COLLECTIVELY, THIS \u201cNOTIFICATION\u201d) ARE INTENDED TO HELP PROVIDE AN OVERVIEW OF THE IDENTIFIED SITUATION AND SUGGESTED MITIGATION ACTIONS, REMEDIATION, FIX, AND/OR GENERAL SECURITY RECOMMENDATIONS AND IS PROVIDED ON AN \u201cAS-IS\u201d BASIS WITHOUT WARRANTY OR GUARANTEE OF ANY KIND. SCHNEIDER ELECTRIC DISCLAIMS ALL WARRANTIES RELATING TO THIS NOTIFICATION, EITHER EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SCHNEIDER ELECTRIC MAKES NO WARRANTY THAT THE NOTIFICATION WILL RESOLVE THE IDENTIFIED SITUATION. IN NO EVENT SHALL SCHNEIDER ELECTRIC BE LIABLE FOR ANY DAMAGES OR LOSSES WHATSOEVER IN CONNECTION WITH THIS NOTIFICATION, INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF SCHNEIDER ELECTRIC HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS NOTIFICATION IS AT YOUR OWN RISK, AND YOU ARE SOLELY LIABLE FOR ANY DAMAGES TO YOUR SYSTEMS OR ASSETS OR OTHER LOSSES THAT MAY RESULT FROM YOUR USE OF THIS NOTIFICATION. SCHNEIDER ELECTRIC RESERVES THE RIGHT TO UPDATE OR CHANGE THIS NOTIFICATION AT ANY TIME AND IN ITS SOLE DISCRETION",
"title": "LEGAL DISCLAIMER"
},
{
"category": "general",
"text": "Schneider\u0027s purpose is to create Impact by empowering all to make the most of our energy and resources, bridging progress and\r\nsustainability for all. We call this Life Is On.\n\nOur mission is to be the trusted partner in Sustainability and Efficiency.\n\nWe are a global industrial technology leader bringing world-leading expertise in electrification, automation and digitization to smart\r\nindustries, resilient infrastructure, future-proof data centers, intelligent buildings, and intuitive homes. Anchored by our deep\r\ndomain expertise, we provide integrated end-to-end lifecycle AI enabled Industrial IoT solutions with connected products, automation,\r\nsoftware and services, delivering digital twins to enable profitable growth for our customers.\n\nWe are a people company with an ecosystem of 150,000 colleagues and more than a million partners operating in over 100 countries\r\nto ensure proximity to our customers and stakeholders. We embrace diversity and inclusion in everything we do, guided by our\r\nmeaningful purpose of a sustainable future for all. \n\n www.se.com",
"title": "About Schneider Electric"
},
{
"category": "summary",
"text": "Schneider Electric is aware of multiple vulnerabilities disclosed in PostgreSQL.\r\n\nMany vendors, including Schneider Electric, use PostgreSQL in their offers. PostgreSQL is a \r\ndatabase server that is used as a data store for multiple products.\r\n\nSchneider Electric installs a version of PostgreSQL with its EcoStruxure\u2122 Power Operation https://www.se.com/us/en/product-range/65405-ecostruxure-power-operation/?parent-subcategory-id=59326966\u0026filter=business-4-low-voltage-products-and-systems#overview software. \r\n\nEcoStruxure\u2122 Power Operation (EPO) is an on-premises software offer that provides a single \r\nplatform to monitor and control medium and lower power systems.\r\n\nFailure to apply the remediations and mitigations below could result in loss of system \r\nfunctionality or unauthorized access to system functions.",
"title": "Overview"
},
{
"category": "other",
"text": "Customers should use appropriate patching methodologies when applying these patches to their systems. We strongly recommend the use of back-ups and evaluating the impact of these patches in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric\u2019s Customer Care Center if you need assistance removing a patch. "
},
{
"category": "details",
"text": "A number of transitive vulnerabilities in PostgreSQL pgadmin tool could impact EcoStruxure\u2122 Power Operation software. Please refer to the following CVEs: \n\u2022 CVE-2023-50447\n\u2022 CVE-2024-28219\n\u2022 CVE-2022-45198\n\u2022 CVE-2023-5217\n\u2022 CVE-2023-35945\n\u2022 CVE-2023-44487\n\n Additional information about these vulnerabilities can be found on https://www.cve.org/",
"title": "Vulnerability Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cpcert@se.com",
"name": "Schneider Electric CPCERT",
"namespace": "https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp"
},
"references": [
{
"category": "self",
"summary": "EcoStruxure\u2122 Power Operation - SEVD-2025-189-03 PDF Version",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-189-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2025-189-03.pdf"
},
{
"category": "self",
"summary": "EcoStruxure\u2122 Power Operation - SEVD-2025-189-03 CSAF Version",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-189-03\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=sevd-2025-189-03.json"
},
{
"category": "external",
"summary": "Recommended Cybersecurity Best Practices",
"url": "https://www.se.com/ww/en/download/document/7EN52-0390/"
}
],
"title": "EcoStruxure\u2122 Power Operation",
"tracking": {
"current_release_date": "2026-02-10T08:00:00.000Z",
"generator": {
"date": "2026-02-05T00:00:00.000Z",
"engine": {
"name": "Schneider Electric CSAF Generator",
"version": "1.2"
}
},
"id": "SEVD-2025-189-03",
"initial_release_date": "2025-07-08T04:00:00.000Z",
"revision_history": [
{
"date": "2025-07-08T04:00:00.000Z",
"number": "1.0.0",
"summary": "Original Release"
},
{
"date": "2026-02-10T08:00:00.000Z",
"number": "2.0.0",
"summary": "Remediations are now available for EcoStruxure\u2122 Power Operation 2022. Vulnerability details and remediation directions have been updated as well."
}
],
"status": "final",
"version": "2.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:generic/\u003c=2022 CU6",
"product": {
"name": "EcoStruxure\u2122 Power Operation (EPO) 2022 CU6 and prior",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "2022 CU7",
"product": {
"name": "EcoStruxure\u2122 Power Operation 2022 CU7",
"product_id": "4"
}
},
{
"category": "product_version_range",
"name": "vers:generic/\u003c=2024 CU1",
"product": {
"name": "EcoStruxure\u2122 Power Operation (EPO) 2024 CU1 and prior",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "2024 CU2",
"product": {
"name": "EcoStruxure\u2122 Power Operation 2024 CU2",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "EcoStruxure\u2122 Power Operation (EPO)"
}
],
"category": "vendor",
"name": "Schneider Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-50447",
"notes": [
{
"category": "description",
"text": "Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u0027s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-50447"
},
{
"cve": "CVE-2024-28219",
"notes": [
{
"category": "description",
"text": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines.We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2022-45198",
"notes": [
{
"category": "description",
"text": "Pillow before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification).",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines.We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2022-45198"
},
{
"cve": "CVE-2023-5217",
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u0027s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines.We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-5217"
},
{
"cve": "CVE-2023-35945",
"notes": [
{
"category": "description",
"text": "Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy\u0027s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u0027s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines.We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-35945"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"3",
"4"
],
"known_affected": [
"1",
"2"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, not required by EcoStruxure\u2122 Power Operation 2024, we recommend you uninstall it from your EPO server and client machines.We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. EcoStruxure\u2122 Power Operation 2024 CU2 includes an updated version of PostgreSQL and is available for download here: https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997",
"product_ids": [
"2"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2024-Release-amp-Updates-Install-Procedure/m-p/478928/thread-id/6997#M6997"
},
{
"category": "vendor_fix",
"details": "EcoStruxure\u2122 Power Operation 2022 CU7 includes an updated version of PostgreSQL and is available for download here:https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322. We strongly recommend customers take the following actions:\u2022 If waveform analysis and ETAP simulation features are not used, uninstall PostgreSQLOR\u2022 For those customers using waveform analysis and ETAP simulation features, we recommend all deployments of EPO only accept connections from localhost in PostgresSQL. Contact customer care for information on how to modify PostgreSQL. Further, we recommend you manually uninstall PostgreSQL 14.10 and update to PostgreSQL 14.17 or higher. The CVE\u2019s listed above affect the PostgresSQL pgadmin tool. If you have installed this tool, which is not required by EcoStruxure\u2122 Power Operation 2022, ensure you have updated it to the latest version.",
"product_ids": [
"1"
],
"restart_required": {
"category": "none"
},
"url": "https://community.se.com/t5/EcoStruxure-Power-Operation/v2022-Release-amp-Updates-Install-Procedure/m-p/491544#M7322"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2"
]
}
],
"title": "CVE-2023-44487"
}
]
}
SUSE-SU-2024:1154-1
Vulnerability from csaf_suse - Published: 2024-04-08 10:20 - Updated: 2024-04-08 10:20Summary
Security update for python-Pillow
Severity
Important
Notes
Title of the patch: Security update for python-Pillow
Description of the patch: This update for python-Pillow fixes the following issues:
- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)
Patchnames: SUSE-2024-1154,openSUSE-SLE-15.5-2024-1154
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Pillow",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Pillow fixes the following issues:\n \n- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1154,openSUSE-SLE-15.5-2024-1154",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1154-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1154-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241154-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1154-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034869.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222262",
"url": "https://bugzilla.suse.com/1222262"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28219 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28219/"
}
],
"title": "Security update for python-Pillow",
"tracking": {
"current_release_date": "2024-04-08T10:20:34Z",
"generator": {
"date": "2024-04-08T10:20:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1154-1",
"initial_release_date": "2024-04-08T10:20:34Z",
"revision_history": [
{
"date": "2024-04-08T10:20:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"product": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"product_id": "python3-Pillow-7.2.0-150300.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"product": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"product_id": "python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-Pillow-7.2.0-150300.3.9.1.i586",
"product": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.i586",
"product_id": "python3-Pillow-7.2.0-150300.3.9.1.i586"
}
},
{
"category": "product_version",
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.i586",
"product": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.i586",
"product_id": "python3-Pillow-tk-7.2.0-150300.3.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"product": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"product_id": "python3-Pillow-7.2.0-150300.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"product": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"product_id": "python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-Pillow-7.2.0-150300.3.9.1.s390x",
"product": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.s390x",
"product_id": "python3-Pillow-7.2.0-150300.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"product": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"product_id": "python3-Pillow-tk-7.2.0-150300.3.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"product": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"product_id": "python3-Pillow-7.2.0-150300.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64",
"product": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64",
"product_id": "python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.aarch64"
},
"product_reference": "python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.ppc64le"
},
"product_reference": "python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.s390x"
},
"product_reference": "python3-Pillow-7.2.0-150300.3.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-7.2.0-150300.3.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.x86_64"
},
"product_reference": "python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64"
},
"product_reference": "python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le"
},
"product_reference": "python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.s390x"
},
"product_reference": "python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64"
},
"product_reference": "python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28219"
}
],
"notes": [
{
"category": "general",
"text": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28219",
"url": "https://www.suse.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "SUSE Bug 1222262 for CVE-2024-28219",
"url": "https://bugzilla.suse.com/1222262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-7.2.0-150300.3.9.1.x86_64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.aarch64",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.ppc64le",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.s390x",
"openSUSE Leap 15.5:python3-Pillow-tk-7.2.0-150300.3.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-08T10:20:34Z",
"details": "important"
}
],
"title": "CVE-2024-28219"
}
]
}
SUSE-SU-2024:1258-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:02 - Updated: 2024-04-12 13:02Summary
Security update for python-Pillow
Severity
Important
Notes
Title of the patch: Security update for python-Pillow
Description of the patch: This update for python-Pillow fixes the following issues:
- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)
Other fixes:
- Re-enabled build tests for s390x and ppc (bsc#1222553)
Patchnames: SUSE-2024-1258,SUSE-SLE-Module-Python3-15-SP5-2024-1258,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1258,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1258,openSUSE-SLE-15.5-2024-1258
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Pillow",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Pillow fixes the following issues:\n\n- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)\n\nOther fixes:\n- Re-enabled build tests for s390x and ppc (bsc#1222553)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1258,SUSE-SLE-Module-Python3-15-SP5-2024-1258,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1258,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1258,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1258,openSUSE-SLE-15.5-2024-1258",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1258-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1258-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241258-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1258-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034965.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222262",
"url": "https://bugzilla.suse.com/1222262"
},
{
"category": "self",
"summary": "SUSE Bug 1222553",
"url": "https://bugzilla.suse.com/1222553"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28219 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28219/"
}
],
"title": "Security update for python-Pillow",
"tracking": {
"current_release_date": "2024-04-12T13:02:42Z",
"generator": {
"date": "2024-04-12T13:02:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1258-1",
"initial_release_date": "2024-04-12T13:02:42Z",
"revision_history": [
{
"date": "2024-04-12T13:02:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"product": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"product_id": "python311-Pillow-9.5.0-150400.5.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"product": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"product_id": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-9.5.0-150400.5.15.1.i586",
"product": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.i586",
"product_id": "python311-Pillow-9.5.0-150400.5.15.1.i586"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.i586",
"product": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.i586",
"product_id": "python311-Pillow-tk-9.5.0-150400.5.15.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"product": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"product_id": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"product": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"product_id": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-9.5.0-150400.5.15.1.s390x",
"product": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.s390x",
"product_id": "python311-Pillow-9.5.0-150400.5.15.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"product": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"product_id": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"product": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"product_id": "python311-Pillow-9.5.0-150400.5.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"product": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"product_id": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-9.5.0-150400.5.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
},
"product_reference": "python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28219"
}
],
"notes": [
{
"category": "general",
"text": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28219",
"url": "https://www.suse.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "SUSE Bug 1222262 for CVE-2024-28219",
"url": "https://bugzilla.suse.com/1222262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-9.5.0-150400.5.15.1.x86_64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.aarch64",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.ppc64le",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.s390x",
"openSUSE Leap 15.5:python311-Pillow-tk-9.5.0-150400.5.15.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:02:42Z",
"details": "important"
}
],
"title": "CVE-2024-28219"
}
]
}
SUSE-SU-2024:1267-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:06 - Updated: 2024-04-12 13:06Summary
Security update for python-Pillow
Severity
Important
Notes
Title of the patch: Security update for python-Pillow
Description of the patch: This update for python-Pillow fixes the following issues:
- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)
Patchnames: SUSE-2024-1267,SUSE-OpenStack-Cloud-9-2024-1267,SUSE-OpenStack-Cloud-Crowbar-9-2024-1267
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 9:python-Pillow-5.2.0-3.26.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:python-Pillow-5.2.0-3.26.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Pillow",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Pillow fixes the following issues:\n\n- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1267,SUSE-OpenStack-Cloud-9-2024-1267,SUSE-OpenStack-Cloud-Crowbar-9-2024-1267",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1267-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1267-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241267-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1267-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034957.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222262",
"url": "https://bugzilla.suse.com/1222262"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28219 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28219/"
}
],
"title": "Security update for python-Pillow",
"tracking": {
"current_release_date": "2024-04-12T13:06:35Z",
"generator": {
"date": "2024-04-12T13:06:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1267-1",
"initial_release_date": "2024-04-12T13:06:35Z",
"revision_history": [
{
"date": "2024-04-12T13:06:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-5.2.0-3.26.2.aarch64",
"product": {
"name": "python-Pillow-5.2.0-3.26.2.aarch64",
"product_id": "python-Pillow-5.2.0-3.26.2.aarch64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-5.2.0-3.26.2.aarch64",
"product": {
"name": "python3-Pillow-5.2.0-3.26.2.aarch64",
"product_id": "python3-Pillow-5.2.0-3.26.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"product": {
"name": "venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"product_id": "venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-5.2.0-3.26.2.ppc64le",
"product": {
"name": "python-Pillow-5.2.0-3.26.2.ppc64le",
"product_id": "python-Pillow-5.2.0-3.26.2.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-Pillow-5.2.0-3.26.2.ppc64le",
"product": {
"name": "python3-Pillow-5.2.0-3.26.2.ppc64le",
"product_id": "python3-Pillow-5.2.0-3.26.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-5.2.0-3.26.2.s390x",
"product": {
"name": "python-Pillow-5.2.0-3.26.2.s390x",
"product_id": "python-Pillow-5.2.0-3.26.2.s390x"
}
},
{
"category": "product_version",
"name": "python3-Pillow-5.2.0-3.26.2.s390x",
"product": {
"name": "python3-Pillow-5.2.0-3.26.2.s390x",
"product_id": "python3-Pillow-5.2.0-3.26.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-5.2.0-3.26.2.x86_64",
"product": {
"name": "python-Pillow-5.2.0-3.26.2.x86_64",
"product_id": "python-Pillow-5.2.0-3.26.2.x86_64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-5.2.0-3.26.2.x86_64",
"product": {
"name": "python3-Pillow-5.2.0-3.26.2.x86_64",
"product_id": "python3-Pillow-5.2.0-3.26.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-5.2.0-3.26.2.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:python-Pillow-5.2.0-3.26.2.x86_64"
},
"product_reference": "python-Pillow-5.2.0-3.26.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch"
},
"product_reference": "venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-5.2.0-3.26.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:python-Pillow-5.2.0-3.26.2.x86_64"
},
"product_reference": "python-Pillow-5.2.0-3.26.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28219"
}
],
"notes": [
{
"category": "general",
"text": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 9:python-Pillow-5.2.0-3.26.2.x86_64",
"SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"SUSE OpenStack Cloud Crowbar 9:python-Pillow-5.2.0-3.26.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28219",
"url": "https://www.suse.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "SUSE Bug 1222262 for CVE-2024-28219",
"url": "https://bugzilla.suse.com/1222262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 9:python-Pillow-5.2.0-3.26.2.x86_64",
"SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"SUSE OpenStack Cloud Crowbar 9:python-Pillow-5.2.0-3.26.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE OpenStack Cloud 9:python-Pillow-5.2.0-3.26.2.x86_64",
"SUSE OpenStack Cloud 9:venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2.noarch",
"SUSE OpenStack Cloud Crowbar 9:python-Pillow-5.2.0-3.26.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:06:35Z",
"details": "important"
}
],
"title": "CVE-2024-28219"
}
]
}
SUSE-SU-2024:1268-1
Vulnerability from csaf_suse - Published: 2024-04-12 13:07 - Updated: 2024-04-12 13:07Summary
Security update for python-Pillow
Severity
Important
Notes
Title of the patch: Security update for python-Pillow
Description of the patch: This update for python-Pillow fixes the following issues:
- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)
Patchnames: HPE-Helion-OpenStack-8-2024-1268,SUSE-2024-1268,SUSE-OpenStack-Cloud-8-2024-1268,SUSE-OpenStack-Cloud-Crowbar-8-2024-1268
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:python-Pillow-4.2.1-3.29.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.29.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.29.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-Pillow",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python-Pillow fixes the following issues:\n\n- CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2024-1268,SUSE-2024-1268,SUSE-OpenStack-Cloud-8-2024-1268,SUSE-OpenStack-Cloud-Crowbar-8-2024-1268",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1268-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1268-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241268-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1268-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034956.html"
},
{
"category": "self",
"summary": "SUSE Bug 1222262",
"url": "https://bugzilla.suse.com/1222262"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28219 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28219/"
}
],
"title": "Security update for python-Pillow",
"tracking": {
"current_release_date": "2024-04-12T13:07:01Z",
"generator": {
"date": "2024-04-12T13:07:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1268-1",
"initial_release_date": "2024-04-12T13:07:01Z",
"revision_history": [
{
"date": "2024-04-12T13:07:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-4.2.1-3.29.2.aarch64",
"product": {
"name": "python-Pillow-4.2.1-3.29.2.aarch64",
"product_id": "python-Pillow-4.2.1-3.29.2.aarch64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-4.2.1-3.29.2.aarch64",
"product": {
"name": "python3-Pillow-4.2.1-3.29.2.aarch64",
"product_id": "python3-Pillow-4.2.1-3.29.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"product": {
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"product_id": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch"
}
},
{
"category": "product_version",
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"product": {
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"product_id": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-4.2.1-3.29.2.ppc64le",
"product": {
"name": "python-Pillow-4.2.1-3.29.2.ppc64le",
"product_id": "python-Pillow-4.2.1-3.29.2.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-Pillow-4.2.1-3.29.2.ppc64le",
"product": {
"name": "python3-Pillow-4.2.1-3.29.2.ppc64le",
"product_id": "python3-Pillow-4.2.1-3.29.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-4.2.1-3.29.2.s390x",
"product": {
"name": "python-Pillow-4.2.1-3.29.2.s390x",
"product_id": "python-Pillow-4.2.1-3.29.2.s390x"
}
},
{
"category": "product_version",
"name": "python3-Pillow-4.2.1-3.29.2.s390x",
"product": {
"name": "python3-Pillow-4.2.1-3.29.2.s390x",
"product_id": "python3-Pillow-4.2.1-3.29.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-Pillow-4.2.1-3.29.2.x86_64",
"product": {
"name": "python-Pillow-4.2.1-3.29.2.x86_64",
"product_id": "python-Pillow-4.2.1-3.29.2.x86_64"
}
},
{
"category": "product_version",
"name": "python3-Pillow-4.2.1-3.29.2.x86_64",
"product": {
"name": "python3-Pillow-4.2.1-3.29.2.x86_64",
"product_id": "python3-Pillow-4.2.1-3.29.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-4.2.1-3.29.2.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python-Pillow-4.2.1-3.29.2.x86_64"
},
"product_reference": "python-Pillow-4.2.1-3.29.2.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch"
},
"product_reference": "venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-4.2.1-3.29.2.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.29.2.x86_64"
},
"product_reference": "python-Pillow-4.2.1-3.29.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch"
},
"product_reference": "venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-Pillow-4.2.1-3.29.2.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.29.2.x86_64"
},
"product_reference": "python-Pillow-4.2.1-3.29.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28219",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28219"
}
],
"notes": [
{
"category": "general",
"text": "In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:python-Pillow-4.2.1-3.29.2.x86_64",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.29.2.x86_64",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.29.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28219",
"url": "https://www.suse.com/security/cve/CVE-2024-28219"
},
{
"category": "external",
"summary": "SUSE Bug 1222262 for CVE-2024-28219",
"url": "https://bugzilla.suse.com/1222262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:python-Pillow-4.2.1-3.29.2.x86_64",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.29.2.x86_64",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.29.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:python-Pillow-4.2.1-3.29.2.x86_64",
"HPE Helion OpenStack 8:venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud 8:python-Pillow-4.2.1-3.29.2.x86_64",
"SUSE OpenStack Cloud 8:venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python-Pillow-4.2.1-3.29.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-12T13:07:01Z",
"details": "important"
}
],
"title": "CVE-2024-28219"
}
]
}
WID-SEC-W-2024-1328
Vulnerability from csaf_certbund - Published: 2024-06-10 22:00 - Updated: 2025-05-29 22:00Summary
Red Hat Ansible Automation Platform: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform für die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um beliebigen Programmcode auszuführen, einen Denial-of-Service-Zustand erzeugen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen, Dateien zu manipulieren oder Cross-Site-Scripting (XSS)-Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat Ansible Automation Platform <2.4
Red Hat / Ansible Automation Platform
|
<2.4 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Red Hat Satellite 6.15
Red Hat / Satellite
|
cpe:/a:redhat:satellite:6.15
|
6.15 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat Enterprise Linux Update Infrastructure 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:update_infrastructure_4
|
Update Infrastructure 4 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— |
References
45 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Ansible Automation Platform ist eine End-to-End-Automatisierungsplattform f\u00fcr die Systemkonfiguration, die Softwarebereitstellung und die Orchestrierung erweiterter Workflows.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Ansible Automation Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Denial-of-Service-Zustand erzeugen, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen, Dateien zu manipulieren oder Cross-Site-Scripting (XSS)-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1328 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1328.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1328 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1328"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2024-06-10",
"url": "https://access.redhat.com/errata/RHSA-2024:3781"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3820 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3820"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3713 vom 2024-06-12",
"url": "https://access.redhat.com/errata/RHSA-2024:3713"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3811 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3811"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3795 vom 2024-06-11",
"url": "https://access.redhat.com/errata/RHSA-2024:3795"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-3820 vom 2024-06-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-3820.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2024-F52B6219CA vom 2024-06-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-f52b6219ca"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:3820 vom 2024-06-14",
"url": "https://errata.build.resf.org/RLSA-2024:3820"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2068-1 vom 2024-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018734.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2182-1 vom 2024-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018806.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-644 vom 2024-07-02",
"url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-644.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-645 vom 2024-07-02",
"url": "https://alas.aws.amazon.com/AL2023/ALAS-2024-645.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4231 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4231"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4227 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4227"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4227 vom 2024-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-4227.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-4231 vom 2024-07-03",
"url": "https://linux.oracle.com/errata/ELSA-2024-4231.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4404 vom 2024-07-09",
"url": "https://access.redhat.com/errata/RHSA-2024:4404"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4414 vom 2024-07-09",
"url": "https://access.redhat.com/errata/RHSA-2024:4414"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4427 vom 2024-07-09",
"url": "https://access.redhat.com/errata/RHSA-2024:4427"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4522 vom 2024-07-12",
"url": "https://access.redhat.com/errata/RHSA-2024:4522"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018968.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018973.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2481-1 vom 2024-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018969.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4227 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4227"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:4231 vom 2024-07-15",
"url": "https://errata.build.resf.org/RLSA-2024:4231"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4616 vom 2024-07-25",
"url": "https://access.redhat.com/errata/RHSA-2024:4616"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4958 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:4958"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202408-11 vom 2024-08-07",
"url": "https://security.gentoo.org/glsa/202408-11"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5107 vom 2024-08-13",
"url": "https://access.redhat.com/errata/RHSA-2024:5107"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5662 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5662"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6428 vom 2024-09-05",
"url": "https://access.redhat.com/errata/RHSA-2024:6428"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2654 vom 2024-10-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2654.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7174016 vom 2024-10-24",
"url": "https://www.ibm.com/support/pages/node/7174016"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9150 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9150"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9988 vom 2024-11-21",
"url": "https://access.redhat.com/errata/RHSA-2024:9988"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9984 vom 2024-11-21",
"url": "https://access.redhat.com/errata/RHSA-2024:9984"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9986 vom 2024-11-21",
"url": "https://access.redhat.com/errata/RHSA-2024:9986"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5828 vom 2024-12-12",
"url": "https://security-tracker.debian.org/tracker/DSA-5828-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4000 vom 2024-12-21",
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00022.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4396-1 vom 2024-12-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2G4X2TXZZR4PJJZP65T5QITC24ZVDLNL/"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:0012 vom 2025-01-08",
"url": "https://errata.build.resf.org/RLSA-2025:0012"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1335 vom 2025-02-12",
"url": "https://access.redhat.com/errata/RHSA-2025:1335"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2868 vom 2025-05-29",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2868.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Ansible Automation Platform: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-05-29T22:00:00.000+00:00",
"generator": {
"date": "2025-05-30T09:21:00.626+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-1328",
"initial_release_date": "2024-06-10T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-10T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-06-13T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-06-16T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-06-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-07-01T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-11T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-15T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-06T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-20T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-05T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-16T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-10-24T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-11T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-12-22T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2025-01-07T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "27"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.4",
"product": {
"name": "Red Hat Ansible Automation Platform \u003c2.4",
"product_id": "T035285"
}
},
{
"category": "product_version",
"name": "2.4",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4",
"product_id": "T035285-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4"
}
}
}
],
"category": "product_name",
"name": "Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Update Infrastructure 4",
"product": {
"name": "Red Hat Enterprise Linux Update Infrastructure 4",
"product_id": "T041113",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:update_infrastructure_4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "6.15",
"product": {
"name": "Red Hat Satellite 6.15",
"product_id": "T034360",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.15"
}
}
}
],
"category": "product_name",
"name": "Satellite"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-45290",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2023-45290"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50447",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2023-50447"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2024-1135",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-1135"
},
{
"cve": "CVE-2024-21503",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-21503"
},
{
"cve": "CVE-2024-24783",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-24783"
},
{
"cve": "CVE-2024-26130",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-27306",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-27306"
},
{
"cve": "CVE-2024-27351",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-27351"
},
{
"cve": "CVE-2024-28219",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28849",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-30251",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-30251"
},
{
"cve": "CVE-2024-32879",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-32879"
},
{
"cve": "CVE-2024-34064",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-35195",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-3651",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-3651"
},
{
"cve": "CVE-2024-3772",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-3772"
},
{
"cve": "CVE-2024-4340",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"398363",
"T035285",
"T012167",
"T034360",
"T004914",
"T032255",
"T041113",
"74185"
]
},
"release_date": "2024-06-10T22:00:00.000+00:00",
"title": "CVE-2024-4340"
}
]
}
WID-SEC-W-2024-3377
Vulnerability from csaf_certbund - Published: 2024-11-07 23:00 - Updated: 2024-11-07 23:00Summary
Dell PowerProtect Data Domain: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen und um nicht näher beschriebene Auswirkungen zu erzielen.
Betroffene Betriebssysteme: - Sonstiges
Es besteht eine Schwachstelle in Dell PowerProtect Data Domain. Dieser Fehler existiert wegen unzureichender Privilegienbeschränkungen, die unautorisierte Konfigurationsänderungen ermöglichen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um bestimmte Befehle auszuführen, die Systemkonfiguration der Anwendung zu überschreiben und so seine Privilegien zu erhöhen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es besteht eine Schwachstelle in Dell PowerProtect Data Domain. Dieser Fehler existiert wegen einer unsachgemäßen Zugriffskontrolle. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erhöhen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existiert eine nicht näher beschriebene Schwachstelle in Dell PowerProtect Data Domain. Ein entfernter, authentisierter Angreifer kann dadurch Informationen offenlegen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bezüglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und veröffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain <7.7.5.50
dell / powerprotect_data_domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
dell / powerprotect_data_domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
dell / powerprotect_data_domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
dell / powerprotect_data_domain
|
<8.1.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen und um nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3377 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3377.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3377 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3377"
},
{
"category": "external",
"summary": "Dell Security Update",
"url": "https://www.dell.com/support/kbdoc/de-de/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-07T23:00:00.000+00:00",
"generator": {
"date": "2024-11-08T12:08:33.588+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3377",
"initial_release_date": "2024-11-07T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.1.0.0",
"product_id": "T038861"
}
},
{
"category": "product_version",
"name": "8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.1.0.0",
"product_id": "T038861-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.1.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.10",
"product_id": "T038862"
}
},
{
"category": "product_version",
"name": "7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.10",
"product_id": "T038862-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.40",
"product_id": "T038863"
}
},
{
"category": "product_version",
"name": "7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.40",
"product_id": "T038863-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.7.5.50",
"product_id": "T038864"
}
},
{
"category": "product_version",
"name": "7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain 7.7.5.50",
"product_id": "T038864-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.7.5.50"
}
}
}
],
"category": "product_name",
"name": "powerprotect_data_domain"
}
],
"category": "vendor",
"name": "dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45759",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Dell PowerProtect Data Domain. Dieser Fehler existiert wegen unzureichender Privilegienbeschr\u00e4nkungen, die unautorisierte Konfigurations\u00e4nderungen erm\u00f6glichen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um bestimmte Befehle auszuf\u00fchren, die Systemkonfiguration der Anwendung zu \u00fcberschreiben und so seine Privilegien zu erh\u00f6hen oder einen Denial-of-Service-Zustand zu erzeugen. Zur erfolgreichen Ausnutzung ist eine Benutzerinteraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-45759"
},
{
"cve": "CVE-2024-48010",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in Dell PowerProtect Data Domain. Dieser Fehler existiert wegen einer unsachgem\u00e4\u00dfen Zugriffskontrolle. Ein entfernter authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erh\u00f6hen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48010"
},
{
"cve": "CVE-2024-48011",
"notes": [
{
"category": "description",
"text": "Es existiert eine nicht n\u00e4her beschriebene Schwachstelle in Dell PowerProtect Data Domain. Ein entfernter, authentisierter Angreifer kann dadurch Informationen offenlegen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48011"
},
{
"cve": "CVE-2017-16829",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-16829"
},
{
"cve": "CVE-2017-5849",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-5849"
},
{
"cve": "CVE-2018-7208",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2018-7208"
},
{
"cve": "CVE-2019-14889",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2019-14889"
},
{
"cve": "CVE-2020-12912",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-12912"
},
{
"cve": "CVE-2020-16135",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-16135"
},
{
"cve": "CVE-2020-1730",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-1730"
},
{
"cve": "CVE-2020-24455",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-24455"
},
{
"cve": "CVE-2020-8694",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8694"
},
{
"cve": "CVE-2020-8695",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2021-27219",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-3565",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3565"
},
{
"cve": "CVE-2021-3634",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3634"
},
{
"cve": "CVE-2022-1210",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1210"
},
{
"cve": "CVE-2022-1622",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1622"
},
{
"cve": "CVE-2022-1996",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1996"
},
{
"cve": "CVE-2022-22576",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-25313",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-27774",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27775",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-27776",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27781",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-29361",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-29361"
},
{
"cve": "CVE-2022-32205",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32206",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32207",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32208",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-35252",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-40023",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40090",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40090"
},
{
"cve": "CVE-2022-42915",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42916",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-43551",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43551"
},
{
"cve": "CVE-2022-43552",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-4603",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-4603"
},
{
"cve": "CVE-2022-48064",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48064"
},
{
"cve": "CVE-2022-48624",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48624"
},
{
"cve": "CVE-2023-0461",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-0461"
},
{
"cve": "CVE-2023-1667",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1667"
},
{
"cve": "CVE-2023-1916",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1916"
},
{
"cve": "CVE-2023-20592",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-20592"
},
{
"cve": "CVE-2023-2137",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2137"
},
{
"cve": "CVE-2023-22745",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-22745"
},
{
"cve": "CVE-2023-2283",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2283"
},
{
"cve": "CVE-2023-23914",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23915",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23916",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23934",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23934"
},
{
"cve": "CVE-2023-25577",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-25577"
},
{
"cve": "CVE-2023-26965",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-26965"
},
{
"cve": "CVE-2023-27043",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-2731",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2731"
},
{
"cve": "CVE-2023-27533",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27538",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-28319",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28320",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-31083",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-31083"
},
{
"cve": "CVE-2023-34055",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-34055"
},
{
"cve": "CVE-2023-35116",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-38286",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38286"
},
{
"cve": "CVE-2023-38469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38469"
},
{
"cve": "CVE-2023-38471",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38471"
},
{
"cve": "CVE-2023-38472",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38472"
},
{
"cve": "CVE-2023-38545",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-39197",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39197"
},
{
"cve": "CVE-2023-39198",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39198"
},
{
"cve": "CVE-2023-39804",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39804"
},
{
"cve": "CVE-2023-40217",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-40217"
},
{
"cve": "CVE-2023-42465",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-42465"
},
{
"cve": "CVE-2023-4255",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-4255"
},
{
"cve": "CVE-2023-45139",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45139"
},
{
"cve": "CVE-2023-45322",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45322"
},
{
"cve": "CVE-2023-45863",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45863"
},
{
"cve": "CVE-2023-45871",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45871"
},
{
"cve": "CVE-2023-46136",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-46218",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-46751",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46751"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50447",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50447"
},
{
"cve": "CVE-2023-5049",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5049"
},
{
"cve": "CVE-2023-50495",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50495"
},
{
"cve": "CVE-2023-50782",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2023-51257",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-51257"
},
{
"cve": "CVE-2023-52425",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-5678",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5717",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5717"
},
{
"cve": "CVE-2023-5752",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-6004",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6004"
},
{
"cve": "CVE-2023-6597",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6918",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6918"
},
{
"cve": "CVE-2023-7207",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-7207"
},
{
"cve": "CVE-2024-0450",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0727",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-0985",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0985"
},
{
"cve": "CVE-2024-21626",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-21626"
},
{
"cve": "CVE-2024-22195",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-22365",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22365"
},
{
"cve": "CVE-2024-23651",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23651"
},
{
"cve": "CVE-2024-23652",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23652"
},
{
"cve": "CVE-2024-23653",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23653"
},
{
"cve": "CVE-2024-23672",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-26130",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26458",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26458"
},
{
"cve": "CVE-2024-26461",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26461"
},
{
"cve": "CVE-2024-28085",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-28182",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28219",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28757",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in Dell PowerProtect Data Domain bez\u00fcglich genutzter Komponenten von Drittanbietern, wie Apache Tomcat, curl, Linux Kernel, python und anderen, die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
}
],
"product_status": {
"known_affected": [
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28757"
}
]
}
WID-SEC-W-2025-0144
Vulnerability from csaf_certbund - Published: 2025-01-21 23:00 - Updated: 2025-01-21 23:00Summary
Oracle Financial Services Applications: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Financial Services ist eine Zusammenstellung von Anwendungen für den Finanzsektor und eine Technologiebasis zur Erfüllung von IT- und Geschäftsanforderungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HOCH" für die Schadenshöhe.
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Financial Services Applications 8.0.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8
|
8.0.8 | |
|
Oracle Financial Services Applications 8.0.8.1
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.1
|
8.0.8.1 | |
|
Oracle Financial Services Applications 8.1.2.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.6
|
8.1.2.6 | |
|
Oracle Financial Services Applications 14.7.5.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.7.5.0.0
|
14.7.5.0.0 | |
|
Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0
|
14.4.0.0.0-14.7.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.5
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.5
|
8.1.2.5 | |
|
Oracle Financial Services Applications 8.1.2.7
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.7
|
8.1.2.7 | |
|
Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0
|
2.9.0.0.0-7.0.0.0.0 | |
|
Oracle Financial Services Applications 8.1.2.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.2.8
|
8.1.2.8 | |
|
Oracle Financial Services Applications 8.1.3.0
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.1.3.0
|
8.1.3.0 | |
|
Oracle Financial Services Applications 8.0.8.6
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.8.6
|
8.0.8.6 | |
|
Oracle Financial Services Applications 8.0.7.8
Oracle / Financial Services Applications
|
cpe:/a:oracle:financial_services_applications:8.0.7.8
|
8.0.7.8 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Financial Services ist eine Zusammenstellung von Anwendungen f\u00fcr den Finanzsektor und eine Technologiebasis zur Erf\u00fcllung von IT- und Gesch\u00e4ftsanforderungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Financial Services Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0144 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0144.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0144 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0144"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2025 - Appendix Oracle Financial Services Applications vom 2025-01-21",
"url": "https://www.oracle.com/security-alerts/cpujan2025.html#AppendixIFLX"
}
],
"source_lang": "en-US",
"title": "Oracle Financial Services Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-21T23:00:00.000+00:00",
"generator": {
"date": "2025-01-22T09:43:52.607+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2025-0144",
"initial_release_date": "2025-01-21T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-21T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "8.0.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.8",
"product_id": "T021677",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.1",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.1",
"product_id": "T022844",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.1"
}
}
},
{
"category": "product_version",
"name": "8.1.2.5",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.5",
"product_id": "T028706",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.5"
}
}
},
{
"category": "product_version",
"name": "8.1.2.6",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.6",
"product_id": "T032104",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.6"
}
}
},
{
"category": "product_version",
"name": "8.1.2.7",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.7",
"product_id": "T036217",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.7"
}
}
},
{
"category": "product_version",
"name": "8.1.2.8",
"product": {
"name": "Oracle Financial Services Applications 8.1.2.8",
"product_id": "T038392",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.2.8"
}
}
},
{
"category": "product_version",
"name": "14.7.5.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.7.5.0.0",
"product_id": "T038393",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.7.5.0.0"
}
}
},
{
"category": "product_version",
"name": "8.0.7.8",
"product": {
"name": "Oracle Financial Services Applications 8.0.7.8",
"product_id": "T040464",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.7.8"
}
}
},
{
"category": "product_version",
"name": "8.0.8.6",
"product": {
"name": "Oracle Financial Services Applications 8.0.8.6",
"product_id": "T040465",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.0.8.6"
}
}
},
{
"category": "product_version",
"name": "8.1.3.0",
"product": {
"name": "Oracle Financial Services Applications 8.1.3.0",
"product_id": "T040466",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:8.1.3.0"
}
}
},
{
"category": "product_version",
"name": "2.9.0.0.0-7.0.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 2.9.0.0.0-7.0.0.0.0",
"product_id": "T040516",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:2.9.0.0.0_-_7.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "14.4.0.0.0-14.7.0.0.0",
"product": {
"name": "Oracle Financial Services Applications 14.4.0.0.0-14.7.0.0.0",
"product_id": "T040517",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:financial_services_applications:14.4.0.0.0_-_14.7.0.0.0"
}
}
}
],
"category": "product_name",
"name": "Financial Services Applications"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-34169",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2023-26031",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-33201",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-39410",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44483",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-44483"
},
{
"cve": "CVE-2023-48795",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51074",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-51074"
},
{
"cve": "CVE-2023-52070",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2023-52070"
},
{
"cve": "CVE-2024-28219",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-34064",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-34064"
},
{
"cve": "CVE-2024-34750",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35195",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-35195"
},
{
"cve": "CVE-2024-38819",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38827",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-38827"
},
{
"cve": "CVE-2024-45492",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2025-21550",
"notes": [
{
"category": "description",
"text": "In Oracle Financial Services Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T021677",
"T022844",
"T032104",
"T038393",
"T040517",
"T028706",
"T036217",
"T040516",
"T038392",
"T040466",
"T040465",
"T040464"
]
},
"release_date": "2025-01-21T23:00:00.000+00:00",
"title": "CVE-2025-21550"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…