Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-28757 (GCVE-0-2024-28757)
Vulnerability from cvelistv5 – Published: 2024-03-10 00:00 – Updated: 2025-11-04 22:06
VLAI
EPSS
Summary
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Assigner
References
10 references
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-28757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-11T13:15:18.395170Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-776",
"description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T18:36:35.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:06:07.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/842"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/issues/839"
},
{
"name": "FEDORA-2024-4e6e660fae",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/"
},
{
"name": "FEDORA-2024-40b98c9ced",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240322-0001/"
},
{
"name": "FEDORA-2024-afb73e6f62",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/"
},
{
"name": "[oss-security] 20240315 Expat 2.6.2 released, includes security fixes",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/15/1"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T19:07:21.211Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libexpat/libexpat/pull/842"
},
{
"url": "https://github.com/libexpat/libexpat/issues/839"
},
{
"name": "FEDORA-2024-4e6e660fae",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/"
},
{
"name": "FEDORA-2024-40b98c9ced",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240322-0001/"
},
{
"name": "FEDORA-2024-afb73e6f62",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/"
},
{
"name": "[oss-security] 20240315 Expat 2.6.2 released, includes security fixes",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/15/1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-28757",
"datePublished": "2024-03-10T00:00:00.000Z",
"dateReserved": "2024-03-10T00:00:00.000Z",
"dateUpdated": "2025-11-04T22:06:07.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-28757",
"date": "2026-06-22",
"epss": "0.02006",
"percentile": "0.78273"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).\"}, {\"lang\": \"es\", \"value\": \"libexpat hasta 2.6.1 permite un ataque de expansi\\u00f3n de entidad XML cuando hay un uso aislado de analizadores externos (creados a trav\\u00e9s de XML_ExternalEntityParserCreate).\"}]",
"id": "CVE-2024-28757",
"lastModified": "2024-11-21T09:06:54.427",
"published": "2024-03-10T05:15:06.570",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/15/1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/839\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/842\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240322-0001/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/15/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/839\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/842\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240322-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-28757\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-03-10T05:15:06.570\",\"lastModified\":\"2025-11-04T22:15:59.800\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).\"},{\"lang\":\"es\",\"value\":\"libexpat hasta 2.6.1 permite un ataque de expansi\u00f3n de entidad XML cuando hay un uso aislado de analizadores externos (creados a trav\u00e9s de XML_ExternalEntityParserCreate).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-776\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-776\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.6.2\",\"matchCriteriaId\":\"463A4DD2-9DA6-420C-A361-293B1166B9C6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA277A6C-83EC-4536-9125-97B84C4FAF59\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A20333EE-4C13-426E-8B54-D78679D5DDB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_tools:10:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"5333B745-F7A3-46CB-8437-8668DB08CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:windows_host_utilities:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15282AE5-2005-4852-8FC8-EF2CE0E28FB4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89612649-BACF-4FAC-9BA4-324724FD93A6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9B255-C1AF-42D1-BF9B-13642FBDC080\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7CFE0E-9D1E-4495-B302-89C3096FC0DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/15/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Release Notes\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/839\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/842\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20240322-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/15/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Release Notes\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/839\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/842\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240322-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/pull/842\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/839\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\", \"name\": \"FEDORA-2024-4e6e660fae\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\", \"name\": \"FEDORA-2024-40b98c9ced\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240322-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\", \"name\": \"FEDORA-2024-afb73e6f62\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/15/1\", \"name\": \"[oss-security] 20240315 Expat 2.6.2 released, includes security fixes\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T22:06:07.049Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-28757\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-11T13:15:18.395170Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-776\", \"description\": \"CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:37.934Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/pull/842\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/839\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/\", \"name\": \"FEDORA-2024-4e6e660fae\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/\", \"name\": \"FEDORA-2024-40b98c9ced\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240322-0001/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/\", \"name\": \"FEDORA-2024-afb73e6f62\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/15/1\", \"name\": \"[oss-security] 20240315 Expat 2.6.2 released, includes security fixes\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-05-01T19:07:21.211Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-28757\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T22:06:07.049Z\", \"dateReserved\": \"2024-03-10T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-03-10T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SSA-784301
Vulnerability from csaf_siemens - Published: 2024-08-13 00:00 - Updated: 2024-08-13 00:00Summary
SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0
Notes
Summary: SINEC NMS before V3.0 is affected by multiple vulnerabilities.
Siemens has released a new version for SINEC NMS and recommends to update to the latest version.
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
References
2 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "SINEC NMS before V3.0 is affected by multiple vulnerabilities.\n\nSiemens has released a new version for SINEC NMS and recommends to update to the latest version.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
},
{
"category": "self",
"summary": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-784301.json"
}
],
"title": "SSA-784301: Multiple Vulnerabilities in SINEC NMS Before V3.0",
"tracking": {
"current_release_date": "2024-08-13T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-784301",
"initial_release_date": "2024-08-13T00:00:00Z",
"revision_history": [
{
"date": "2024-08-13T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV3.0",
"product": {
"name": "SINEC NMS",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SINEC NMS"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4611",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-4611"
},
{
"cve": "CVE-2023-5868",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-5868"
},
{
"cve": "CVE-2023-5869",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-5869"
},
{
"cve": "CVE-2023-5870",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-5870"
},
{
"cve": "CVE-2023-6378",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6378"
},
{
"cve": "CVE-2023-6481",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6481"
},
{
"cve": "CVE-2023-31122",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-34050",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "summary",
"text": "In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes could be deserialized. Specifically, an application is vulnerable if \r\n\r\n * the SimpleMessageConverter or SerializerMessageConverter is used \r\n * the user does not configure allowed list patterns \r\n * untrusted message originators gain permissions to write messages to the RabbitMQ broker to send malicious content.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-34050"
},
{
"cve": "CVE-2023-39615",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\u0027s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-42794",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Incomplete Cleanup vulnerability in Apache Tomcat.\r\n\r\nThe internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, \r\nin progress refactoring that exposed a potential denial of service on \r\nWindows if a web application opened a stream for an uploaded file but \r\nfailed to close the stream. The file would never be deleted from disk \r\ncreating the possibility of an eventual denial of service due to the \r\ndisk being full.\r\n\r\nUsers are recommended to upgrade to version 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-42794"
},
{
"cve": "CVE-2023-42795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could \r\ncause Tomcat to skip some parts of the recycling process leading to \r\ninformation leaking from the current request/response to the next.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-42795"
},
{
"cve": "CVE-2023-43622",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.\r\nThis has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.\r\n\r\nThis issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-43622"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45648",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat\u00a0from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially \r\ncrafted, invalid trailer header could cause Tomcat to treat a single \r\nrequest as multiple requests leading to the possibility of request \r\nsmuggling when behind a reverse proxy.\r\n\r\nUsers are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-45648"
},
{
"cve": "CVE-2023-45802",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request\u0027s memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.\r\n\r\nThis was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During \"normal\" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.\r\n\r\nUsers are recommended to upgrade to version 2.4.58, which fixes the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-45802"
},
{
"cve": "CVE-2023-46120",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-46120"
},
{
"cve": "CVE-2023-46280",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-46280"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-0985",
"cwe": {
"id": "CWE-271",
"name": "Privilege Dropping / Lowering Errors"
},
"notes": [
{
"category": "summary",
"text": "Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materialized views. The victim is a superuser or member of one of the attacker\u0027s roles. The attack requires luring the victim into running REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker\u0027s materialized view. Versions before PostgreSQL 16.2, 15.6, 14.11, 13.14, and 12.18 are affected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-0985"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28757",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-36398",
"cwe": {
"id": "CWE-250",
"name": "Execution with Unnecessary Privileges"
},
"notes": [
{
"category": "summary",
"text": "The affected application executes a subset of its services as `NT AUTHORITY\\SYSTEM`. This could allow a local attacker to execute operating system commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36398"
},
{
"cve": "CVE-2024-41938",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "summary",
"text": "The importCertificate function of the SINEC NMS Control web application contains a path traversal vulnerability. This could allow an authenticated attacker it to delete arbitrary certificate files on the drive SINEC NMS is installed on.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41938"
},
{
"cve": "CVE-2024-41939",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and elevate their privileges on the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41939"
},
{
"cve": "CVE-2024-41940",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not properly validate user input to a privileged command queue. This could allow an authenticated attacker to execute OS commands with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41940"
},
{
"cve": "CVE-2024-41941",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"notes": [
{
"category": "summary",
"text": "The affected application does not properly enforce authorization checks. This could allow an authenticated attacker to bypass the checks and modify settings in the application without authorization.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V3.0 or later version",
"product_ids": [
"1"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109973059/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41941"
}
]
}
SUSE-SU-2024:1129-1
Vulnerability from csaf_suse - Published: 2024-04-08 07:12 - Updated: 2024-04-08 07:12Summary
Security update for expat
Severity
Important
Notes
Title of the patch: Security update for expat
Description of the patch: This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
Patchnames: SUSE-2024-1129,SUSE-SLE-Micro-5.3-2024-1129,SUSE-SLE-Micro-5.4-2024-1129,SUSE-SLE-Micro-5.5-2024-1129,SUSE-SLE-Module-Basesystem-15-SP5-2024-1129,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1129,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1129,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1129,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1129,openSUSE-Leap-Micro-5.3-2024-1129,openSUSE-Leap-Micro-5.4-2024-1129,openSUSE-SLE-15.5-2024-1129
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
90 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
90 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) \n- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1129,SUSE-SLE-Micro-5.3-2024-1129,SUSE-SLE-Micro-5.4-2024-1129,SUSE-SLE-Micro-5.5-2024-1129,SUSE-SLE-Module-Basesystem-15-SP5-2024-1129,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1129,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1129,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1129,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1129,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1129,openSUSE-Leap-Micro-5.3-2024-1129,openSUSE-Leap-Micro-5.4-2024-1129,openSUSE-SLE-15.5-2024-1129",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1129-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1129-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241129-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1129-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018262.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219559",
"url": "https://bugzilla.suse.com/1219559"
},
{
"category": "self",
"summary": "SUSE Bug 1221289",
"url": "https://bugzilla.suse.com/1221289"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28757/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2024-04-08T07:12:10Z",
"generator": {
"date": "2024-04-08T07:12:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1129-1",
"initial_release_date": "2024-04-08T07:12:10Z",
"revision_history": [
{
"date": "2024-04-08T07:12:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "expat-2.4.4-150400.3.17.1.aarch64",
"product_id": "expat-2.4.4-150400.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"product_id": "libexpat1-2.4.4-150400.3.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.i586",
"product": {
"name": "expat-2.4.4-150400.3.17.1.i586",
"product_id": "expat-2.4.4-150400.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.i586",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.i586",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.i586",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.i586",
"product_id": "libexpat1-2.4.4-150400.3.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le",
"product_id": "expat-2.4.4-150400.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"product_id": "libexpat1-2.4.4-150400.3.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "expat-2.4.4-150400.3.17.1.s390x",
"product_id": "expat-2.4.4-150400.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x",
"product_id": "libexpat1-2.4.4-150400.3.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "expat-2.4.4-150400.3.17.1.x86_64",
"product_id": "expat-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat1-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.3",
"product": {
"name": "openSUSE Leap Micro 5.3",
"product_id": "openSUSE Leap Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap Micro 5.4",
"product": {
"name": "openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "expat-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "expat-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "expat-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "expat-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "expat-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "expat-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "expat-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of openSUSE Leap Micro 5.3",
"product_id": "openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap Micro 5.3",
"product_id": "openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap Micro 5.4",
"product_id": "openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "expat-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "expat-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "expat-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52425"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52425",
"url": "https://www.suse.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "SUSE Bug 1219559 for CVE-2023-52425",
"url": "https://bugzilla.suse.com/1219559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-08T07:12:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2024-28757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28757"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28757",
"url": "https://www.suse.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "SUSE Bug 1221289 for CVE-2024-28757",
"url": "https://bugzilla.suse.com/1221289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Proxy 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:expat-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Manager Server 4.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"SUSE Manager Server 4.3:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:expat-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap 15.5:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap 15.5:libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.3:libexpat1-2.4.4-150400.3.17.1.x86_64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.aarch64",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.s390x",
"openSUSE Leap Micro 5.4:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-08T07:12:10Z",
"details": "important"
}
],
"title": "CVE-2024-28757"
}
]
}
SUSE-SU-2024:1129-2
Vulnerability from csaf_suse - Published: 2024-04-08 07:12 - Updated: 2024-04-08 07:12Summary
Security update for expat
Severity
Important
Notes
Title of the patch: Security update for expat
Description of the patch: This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
Patchnames: SUSE-2024-1129,SUSE-SLE-Micro-5.5-2024-1129
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) \n- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1129,SUSE-SLE-Micro-5.5-2024-1129",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1129-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1129-2",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241129-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1129-2",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-August/036541.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219559",
"url": "https://bugzilla.suse.com/1219559"
},
{
"category": "self",
"summary": "SUSE Bug 1221289",
"url": "https://bugzilla.suse.com/1221289"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28757/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2024-04-08T07:12:27Z",
"generator": {
"date": "2024-04-08T07:12:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1129-2",
"initial_release_date": "2024-04-08T07:12:27Z",
"revision_history": [
{
"date": "2024-04-08T07:12:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "expat-2.4.4-150400.3.17.1.aarch64",
"product_id": "expat-2.4.4-150400.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.aarch64",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"product_id": "libexpat1-2.4.4-150400.3.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.4.4-150400.3.17.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.4.4-150400.3.17.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.i586",
"product": {
"name": "expat-2.4.4-150400.3.17.1.i586",
"product_id": "expat-2.4.4-150400.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.i586",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.i586",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.i586",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.i586",
"product_id": "libexpat1-2.4.4-150400.3.17.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "expat-2.4.4-150400.3.17.1.ppc64le",
"product_id": "expat-2.4.4-150400.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"product_id": "libexpat1-2.4.4-150400.3.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "expat-2.4.4-150400.3.17.1.s390x",
"product_id": "expat-2.4.4-150400.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.s390x",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.s390x",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x",
"product_id": "libexpat1-2.4.4-150400.3.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "expat-2.4.4-150400.3.17.1.x86_64",
"product_id": "expat-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat-devel-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat-devel-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat-devel-32bit-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat1-2.4.4-150400.3.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64",
"product_id": "libexpat1-32bit-2.4.4-150400.3.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.4.4-150400.3.17.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
},
"product_reference": "libexpat1-2.4.4-150400.3.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52425"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52425",
"url": "https://www.suse.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "SUSE Bug 1219559 for CVE-2023-52425",
"url": "https://bugzilla.suse.com/1219559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-08T07:12:27Z",
"details": "moderate"
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2024-28757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28757"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28757",
"url": "https://www.suse.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "SUSE Bug 1221289 for CVE-2024-28757",
"url": "https://bugzilla.suse.com/1221289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.4.4-150400.3.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-08T07:12:27Z",
"details": "important"
}
],
"title": "CVE-2024-28757"
}
]
}
SUSE-SU-2025:20045-1
Vulnerability from csaf_suse - Published: 2025-02-03 08:54 - Updated: 2025-02-03 08:54Summary
Security update for expat
Severity
Important
Notes
Title of the patch: Security update for expat
Description of the patch: This update for expat fixes the following issues:
- CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932)
- CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931)
- CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930)
- CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289)
Patchnames: SUSE-SLE-Micro-6.0-44
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932) \n- CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931)\n- CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930)\n- CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289) \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-44",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20045-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20045-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520045-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20045-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021308.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221289",
"url": "https://bugzilla.suse.com/1221289"
},
{
"category": "self",
"summary": "SUSE Bug 1229930",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "self",
"summary": "SUSE Bug 1229931",
"url": "https://bugzilla.suse.com/1229931"
},
{
"category": "self",
"summary": "SUSE Bug 1229932",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45490 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45491 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45492 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45492/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-02-03T08:54:55Z",
"generator": {
"date": "2025-02-03T08:54:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20045-1",
"initial_release_date": "2025-02-03T08:54:55Z",
"revision_history": [
{
"date": "2025-02-03T08:54:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.5.0-3.1.aarch64",
"product": {
"name": "libexpat1-2.5.0-3.1.aarch64",
"product_id": "libexpat1-2.5.0-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.5.0-3.1.s390x",
"product": {
"name": "libexpat1-2.5.0-3.1.s390x",
"product_id": "libexpat1-2.5.0-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.5.0-3.1.x86_64",
"product": {
"name": "libexpat1-2.5.0-3.1.x86_64",
"product_id": "libexpat1-2.5.0-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.5.0-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64"
},
"product_reference": "libexpat1-2.5.0-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.5.0-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x"
},
"product_reference": "libexpat1-2.5.0-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.5.0-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
},
"product_reference": "libexpat1-2.5.0-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28757"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28757",
"url": "https://www.suse.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "SUSE Bug 1221289 for CVE-2024-28757",
"url": "https://bugzilla.suse.com/1221289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:54:55Z",
"details": "important"
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-45490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45490"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45490",
"url": "https://www.suse.com/security/cve/CVE-2024-45490"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229962 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:54:55Z",
"details": "moderate"
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45491"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45491",
"url": "https://www.suse.com/security/cve/CVE-2024-45491"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229931 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:54:55Z",
"details": "moderate"
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45492"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45492",
"url": "https://www.suse.com/security/cve/CVE-2024-45492"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229932 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "external",
"summary": "SUSE Bug 1229964 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.5.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:54:55Z",
"details": "moderate"
}
],
"title": "CVE-2024-45492"
}
]
}
SUSE-SU-2025:20207-1
Vulnerability from csaf_suse - Published: 2025-04-29 11:07 - Updated: 2025-04-29 11:07Summary
Security update for expat
Severity
Important
Notes
Title of the patch: Security update for expat
Description of the patch: This update for expat fixes the following issues:
Version update to 2.7.1:
* Bug fixes:
* Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
* Other changes:
#976 #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
#983 #984 Fix printf format specifiers for 32bit Emscripten
#992 docs: Promote OpenSSF Best Practices self-certification
#978 tests/benchmark: Resolve mistaken double close
#986 Address compiler warnings
#990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
#982 CI: Start running Perl XML::Parser integration tests
#987 CI: Enforce Clang Static Analyzer clean code
#991 CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
#981 CI: Cover compilation with musl
#983 #984 CI: Cover compilation with 32bit Emscripten
#976 #977 CI: Protect against fuzzer files missing from future
release archives
Version update to 2.7.0 (CVE-2024-8176 [bsc#1239618])
* Security fixes:
* CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
* Document changes since the previous release
* Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
Version update to 2.6.4:
* Security fixes: [bsc#1232601][bsc#1232579]
* CVE-2024-50602 -- Fix crash within function XML_ResumeParser
from a NULL pointer dereference by disallowing function
XML_StopParser to (stop or) suspend an unstarted parser.
A new error code XML_ERROR_NOT_STARTED was introduced to
properly communicate this situation. // CWE-476 CWE-754
* Other changes:
* Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
for what these numbers do
Update to 2.6.3:
* Security fixes:
- CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
len < 0 without noticing and then calling XML_GetBuffer
will have XML_ParseBuffer fail to recognize the problem
and XML_GetBuffer corrupt memory.
With the fix, XML_ParseBuffer now complains with error
XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
has been doing since Expat 2.2.1, and now documented.
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
integer overflow for nDefaultAtts on 32-bit platforms
(where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
have an integer overflow for m_groupSize on 32-bit
platforms (where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
* Other changes:
- Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
for what these numbers do
Update to 2.6.2:
* CVE-2024-28757 -- Prevent billion laughs attacks with isolated
use of external parsers (bsc#1221289)
* Reject direct parameter entity recursion and avoid the related
undefined behavior
Update to 2.6.1:
* Expose billion laughs API with XML_DTD defined and XML_GE
undefined, regression from 2.6.0
* Make tests independent of CPU speed, and thus more robust
Update to 2.6.0:
* Security fixes:
- CVE-2023-52425 (bsc#1219559)
Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
- CVE-2023-52426 (bsc#1219561)
Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
* Bug fixes:
- Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
- Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
- Protect against closing entities out of order
* Other changes:
- Improve support for arc4random/arc4random_buf
- Improve buffer growth in XML_GetBuffer and XML_Parse
- xmlwf: Support --help and --version
- xmlwf: Support custom buffer size for XML_GetBuffer and read
- xmlwf: Improve language and URL clickability in help output
- examples: Add new example "element_declarations.c"
- Be stricter about macro XML_CONTEXT_BYTES at build time
- Make inclusion to expat_config.h consistent
- Autotools: configure.ac: Support --disable-maintainer-mode
- Autotools: Sync CMake templates with CMake 3.26
- Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
- Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
- Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
- Autotools|CMake: Fix PACKAGE_BUGREPORT variable
- Autotools|CMake: Make test suite require a C++11 compiler
- CMake: Require CMake >=3.5.0
- CMake: Lowercase off_t and size_t to help a bug in Meson
- CMake: Sort xmlwf sources alphabetically
- CMake|Windows: Fix generation of DLL file version info
- CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
- docs: Document the importance of isFinal + adjust tests
accordingly
- docs: Improve use of "NULL" and "null"
- docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
- docs: reference.html: Promote function XML_ParseBuffer more
- docs: reference.html: Add HTML anchors to XML_* macros
- docs: reference.html: Upgrade to OK.css 1.2.0
- docs: Fix typos
- docs|CI: Use HTTPS URLs instead of HTTP at various places
- Address compiler warnings
- Address clang-tidy warnings
- Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
Patchnames: SUSE-SLE-Micro-6.0-304
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
49 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\nVersion update to 2.7.1:\n\n* Bug fixes:\n\n * Restore event pointer behavior from Expat 2.6.4 (that the fix to CVE-2024-8176 changed in 2.7.0);\n affected API functions are:\n\n - XML_GetCurrentByteCount\n - XML_GetCurrentByteIndex\n - XML_GetCurrentColumnNumber\n - XML_GetCurrentLineNumber\n - XML_GetInputContext\n\n * Other changes:\n #976 #977 Autotools: Integrate files \"fuzz/xml_lpm_fuzzer.{cpp,proto}\"\n with Automake that were missing from 2.7.0 release tarballs\n #983 #984 Fix printf format specifiers for 32bit Emscripten\n #992 docs: Promote OpenSSF Best Practices self-certification\n #978 tests/benchmark: Resolve mistaken double close\n #986 Address compiler warnings\n #990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)\n to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/\n for what these numbers do\n\n Infrastructure:\n #982 CI: Start running Perl XML::Parser integration tests\n #987 CI: Enforce Clang Static Analyzer clean code\n #991 CI: Re-enable warning clang-analyzer-valist.Uninitialized\n for clang-tidy\n #981 CI: Cover compilation with musl\n #983 #984 CI: Cover compilation with 32bit Emscripten\n #976 #977 CI: Protect against fuzzer files missing from future\n release archives\n\nVersion update to 2.7.0 (CVE-2024-8176 [bsc#1239618])\n\n* Security fixes:\n * CVE-2024-8176 -- Fix crash from chaining a large number\n of entities caused by stack overflow by resolving use of\n recursion, for all three uses of entities:\n - general entities in character data (\"\u003ce\u003e\u0026g1;\u003c/e\u003e\")\n - general entities in attribute values (\"\u003ce k1=\u0027\u0026g1;\u0027/\u003e\")\n - parameter entities (\"%p1;\")\n\n Known impact is (reliable and easy) denial of service:\n\n CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C\n\n (Base Score: 7.5, Temporal Score: 7.2)\n\n Please note that a layer of compression around XML can\n significantly reduce the minimum attack payload size.\n\n * Other changes:\n * Document changes since the previous release\n * Version info bumped from 11:0:10 (libexpat*.so.1.10.0)\n to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/\n for what these numbers do\n\nVersion update to 2.6.4:\n\n * Security fixes: [bsc#1232601][bsc#1232579]\n * CVE-2024-50602 -- Fix crash within function XML_ResumeParser\n from a NULL pointer dereference by disallowing function\n XML_StopParser to (stop or) suspend an unstarted parser.\n A new error code XML_ERROR_NOT_STARTED was introduced to\n properly communicate this situation. // CWE-476 CWE-754\n * Other changes:\n * Version info bumped from 10:3:9 (libexpat*.so.1.9.3)\n to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/\n for what these numbers do\n\nUpdate to 2.6.3:\n\n * Security fixes:\n - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with\n len \u003c 0 without noticing and then calling XML_GetBuffer\n will have XML_ParseBuffer fail to recognize the problem\n and XML_GetBuffer corrupt memory.\n With the fix, XML_ParseBuffer now complains with error\n XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse\n has been doing since Expat 2.2.1, and now documented.\n Impact is denial of service to potentially artitrary code\n execution.\n - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an\n integer overflow for nDefaultAtts on 32-bit platforms\n (where UINT_MAX equals SIZE_MAX).\n Impact is denial of service to potentially artitrary code\n execution.\n - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can\n have an integer overflow for m_groupSize on 32-bit\n platforms (where UINT_MAX equals SIZE_MAX).\n Impact is denial of service to potentially artitrary code\n execution.\n\n * Other changes:\n\n - Version info bumped from 10:2:9 (libexpat*.so.1.9.2)\n to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/\n for what these numbers do \n\nUpdate to 2.6.2:\n\n * CVE-2024-28757 -- Prevent billion laughs attacks with isolated\n use of external parsers (bsc#1221289)\n * Reject direct parameter entity recursion and avoid the related\n undefined behavior\n\nUpdate to 2.6.1:\n\n * Expose billion laughs API with XML_DTD defined and XML_GE\n undefined, regression from 2.6.0\n * Make tests independent of CPU speed, and thus more robust\n\nUpdate to 2.6.0: \n\n * Security fixes:\n - CVE-2023-52425 (bsc#1219559) \n Fix quadratic runtime issues with big tokens\n that can cause denial of service, in partial where\n dealing with compressed XML input. Applications\n that parsed a document in one go -- a single call to\n functions XML_Parse or XML_ParseBuffer -- were not affected.\n The smaller the chunks/buffers you use for parsing\n previously, the bigger the problem prior to the fix.\n Backporters should be careful to no omit parts of\n pull request #789 and to include earlier pull request #771,\n in order to not break the fix.\n - CVE-2023-52426 (bsc#1219561)\n Fix billion laughs attacks for users\n compiling *without* XML_DTD defined (which is not common).\n Users with XML_DTD defined have been protected since\n Expat \u003e=2.4.0 (and that was CVE-2013-0340 back then).\n * Bug fixes:\n - Fix parse-size-dependent \"invalid token\" error for\n external entities that start with a byte order mark\n - Fix NULL pointer dereference in setContext via\n XML_ExternalEntityParserCreate for compilation with\n XML_DTD undefined\n - Protect against closing entities out of order\n * Other changes:\n - Improve support for arc4random/arc4random_buf\n - Improve buffer growth in XML_GetBuffer and XML_Parse\n - xmlwf: Support --help and --version\n - xmlwf: Support custom buffer size for XML_GetBuffer and read\n - xmlwf: Improve language and URL clickability in help output\n - examples: Add new example \"element_declarations.c\"\n - Be stricter about macro XML_CONTEXT_BYTES at build time\n - Make inclusion to expat_config.h consistent\n - Autotools: configure.ac: Support --disable-maintainer-mode\n - Autotools: Sync CMake templates with CMake 3.26\n - Autotools: Make installation of shipped man page doc/xmlwf.1\n independent of docbook2man availability\n - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file\n section \"Cflags.private\" in order to fix compilation\n against static libexpat using pkg-config on Windows\n - Autotools|CMake: Require a C99 compiler\n (a de-facto requirement already since Expat 2.2.2 of 2017)\n - Autotools|CMake: Fix PACKAGE_BUGREPORT variable\n - Autotools|CMake: Make test suite require a C++11 compiler\n - CMake: Require CMake \u003e=3.5.0\n - CMake: Lowercase off_t and size_t to help a bug in Meson\n - CMake: Sort xmlwf sources alphabetically\n - CMake|Windows: Fix generation of DLL file version info\n - CMake: Build tests/benchmark/benchmark.c as well for\n a build with -DEXPAT_BUILD_TESTS=ON\n - docs: Document the importance of isFinal + adjust tests\n accordingly\n - docs: Improve use of \"NULL\" and \"null\"\n - docs: Be specific about version of XML (XML 1.0r4)\n and version of C (C99); (XML 1.0r5 will need a sponsor.)\n - docs: reference.html: Promote function XML_ParseBuffer more\n - docs: reference.html: Add HTML anchors to XML_* macros\n - docs: reference.html: Upgrade to OK.css 1.2.0\n - docs: Fix typos\n - docs|CI: Use HTTPS URLs instead of HTTP at various places\n - Address compiler warnings\n - Address clang-tidy warnings\n - Version info bumped from 9:10:8 (libexpat*.so.1.8.10)\n to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/\n for what these numbers do\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-304",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20207-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20207-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520207-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20207-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021128.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219559",
"url": "https://bugzilla.suse.com/1219559"
},
{
"category": "self",
"summary": "SUSE Bug 1219561",
"url": "https://bugzilla.suse.com/1219561"
},
{
"category": "self",
"summary": "SUSE Bug 1221289",
"url": "https://bugzilla.suse.com/1221289"
},
{
"category": "self",
"summary": "SUSE Bug 1229930",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "self",
"summary": "SUSE Bug 1229931",
"url": "https://bugzilla.suse.com/1229931"
},
{
"category": "self",
"summary": "SUSE Bug 1229932",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "self",
"summary": "SUSE Bug 1232579",
"url": "https://bugzilla.suse.com/1232579"
},
{
"category": "self",
"summary": "SUSE Bug 1232601",
"url": "https://bugzilla.suse.com/1232601"
},
{
"category": "self",
"summary": "SUSE Bug 1239618",
"url": "https://bugzilla.suse.com/1239618"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0340 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52426 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45490 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45491 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45492 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-8176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-8176/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-04-29T11:07:45Z",
"generator": {
"date": "2025-04-29T11:07:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20207-1",
"initial_release_date": "2025-04-29T11:07:45Z",
"revision_history": [
{
"date": "2025-04-29T11:07:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-1.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-1.1.aarch64",
"product_id": "libexpat1-2.7.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-1.1.s390x",
"product": {
"name": "libexpat1-2.7.1-1.1.s390x",
"product_id": "libexpat1-2.7.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-1.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-1.1.x86_64",
"product_id": "libexpat1-2.7.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-1.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-1.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x"
},
"product_reference": "libexpat1-2.7.1-1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-1.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0340"
}
],
"notes": [
{
"category": "general",
"text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0340",
"url": "https://www.suse.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "SUSE Bug 805236 for CVE-2013-0340",
"url": "https://bugzilla.suse.com/805236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2013-0340"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
},
{
"cve": "CVE-2023-52425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52425"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52425",
"url": "https://www.suse.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "SUSE Bug 1219559 for CVE-2023-52425",
"url": "https://bugzilla.suse.com/1219559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52426"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52426",
"url": "https://www.suse.com/security/cve/CVE-2023-52426"
},
{
"category": "external",
"summary": "SUSE Bug 1219561 for CVE-2023-52426",
"url": "https://bugzilla.suse.com/1219561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-28757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28757"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28757",
"url": "https://www.suse.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "SUSE Bug 1221289 for CVE-2024-28757",
"url": "https://bugzilla.suse.com/1221289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "important"
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-45490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45490"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45490",
"url": "https://www.suse.com/security/cve/CVE-2024-45490"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229962 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45491"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45491",
"url": "https://www.suse.com/security/cve/CVE-2024-45491"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229931 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45492"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45492",
"url": "https://www.suse.com/security/cve/CVE-2024-45492"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229932 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "external",
"summary": "SUSE Bug 1229964 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50602"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50602",
"url": "https://www.suse.com/security/cve/CVE-2024-50602"
},
{
"category": "external",
"summary": "SUSE Bug 1232579 for CVE-2024-50602",
"url": "https://bugzilla.suse.com/1232579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "moderate"
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-8176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-8176"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-8176",
"url": "https://www.suse.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "SUSE Bug 1239618 for CVE-2024-8176",
"url": "https://bugzilla.suse.com/1239618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T11:07:45Z",
"details": "important"
}
],
"title": "CVE-2024-8176"
}
]
}
SUSE-SU-2025:20311-1
Vulnerability from csaf_suse - Published: 2025-05-13 13:37 - Updated: 2025-05-13 13:37Summary
Security update for expat
Severity
Important
Notes
Title of the patch: Security update for expat
Description of the patch: This update for expat fixes the following issues:
Version update to 2.7.1:
Bug fixes:
#980 #989 Restore event pointer behavior from Expat 2.6.4
(that the fix to CVE-2024-8176 changed in 2.7.0);
affected API functions are:
- XML_GetCurrentByteCount
- XML_GetCurrentByteIndex
- XML_GetCurrentColumnNumber
- XML_GetCurrentLineNumber
- XML_GetInputContext
Other changes:
#976 #977 Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
with Automake that were missing from 2.7.0 release tarballs
#983 #984 Fix printf format specifiers for 32bit Emscripten
#992 docs: Promote OpenSSF Best Practices self-certification
#978 tests/benchmark: Resolve mistaken double close
#986 Address compiler warnings
#990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
for what these numbers do
Infrastructure:
#982 CI: Start running Perl XML::Parser integration tests
#987 CI: Enforce Clang Static Analyzer clean code
#991 CI: Re-enable warning clang-analyzer-valist.Uninitialized
for clang-tidy
#981 CI: Cover compilation with musl
#983 #984 CI: Cover compilation with 32bit Emscripten
#976 #977 CI: Protect against fuzzer files missing from future
release archives
version update to 2.7.0 (CVE-2024-8176 [bsc#1239618]):
* Security fixes:
#893 #973 CVE-2024-8176 -- Fix crash from chaining a large number
of entities caused by stack overflow by resolving use of
recursion, for all three uses of entities:
- general entities in character data ("<e>&g1;</e>")
- general entities in attribute values ("<e k1='&g1;'/>")
- parameter entities ("%p1;")
Known impact is (reliable and easy) denial of service:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
(Base Score: 7.5, Temporal Score: 7.2)
Please note that a layer of compression around XML can
significantly reduce the minimum attack payload size.
* Other changes:
#935 #937 Autotools: Make generated CMake files look for
libexpat.@SO_MAJOR@.dylib on macOS
#925 Autotools: Sync CMake templates with CMake 3.29
#945 #962 #966 CMake: Drop support for CMake <3.13
#942 CMake: Small fuzzing related improvements
#921 docs: Add missing documentation of error code
XML_ERROR_NOT_STARTED that was introduced with 2.6.4
#941 docs: Document need for C++11 compiler for use from C++
#959 tests/benchmark: Fix a (harmless) TOCTTOU
#944 Windows: Fix installer target location of file xmlwf.xml
for CMake
#953 Windows: Address warning -Wunknown-warning-option
about -Wno-pedantic-ms-format from LLVM MinGW
#971 Address Cppcheck warnings
#969 #970 Mass-migrate links from http:// to https://
#947 #958 ..
#974 #975 Document changes since the previous release
#974 #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
for what these numbers do
- no source changes, just adding jira reference: jsc#SLE-21253
Version update to 2.6.4
* Security fixes: [bsc#1232601][bsc#1232579]
#915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser
from a NULL pointer dereference by disallowing function
XML_StopParser to (stop or) suspend an unstarted parser.
A new error code XML_ERROR_NOT_STARTED was introduced to
properly communicate this situation. // CWE-476 CWE-754
* Other changes:
#903 CMake: Add alias target "expat::expat"
#905 docs: Document use via CMake >=3.18 with FetchContent
and SOURCE_SUBDIR and its consequences
#902 tests: Reduce use of global parser instance
#904 tests: Resolve duplicate handler
#317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903)
#914 Fix signedness of format strings
#919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
for what these numbers do
Update to 2.6.3:
* Security fixes:
- CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
len < 0 without noticing and then calling XML_GetBuffer
will have XML_ParseBuffer fail to recognize the problem
and XML_GetBuffer corrupt memory.
With the fix, XML_ParseBuffer now complains with error
XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
has been doing since Expat 2.2.1, and now documented.
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
integer overflow for nDefaultAtts on 32-bit platforms
(where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
- CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
have an integer overflow for m_groupSize on 32-bit
platforms (where UINT_MAX equals SIZE_MAX).
Impact is denial of service to potentially artitrary code
execution.
Update to 2.6.2:
* CVE-2024-28757 -- Prevent billion laughs attacks with isolated
use of external parsers (bsc#1221289)
* Reject direct parameter entity recursion and avoid the related
undefined behavior
Update to 2.6.1:
* Expose billion laughs API with XML_DTD defined and XML_GE
undefined, regression from 2.6.0
* Make tests independent of CPU speed, and thus more robust
Update to 2.6.0:
* Security fixes:
- CVE-2023-52425 (bsc#1219559)
-- Fix quadratic runtime issues with big tokens
that can cause denial of service, in partial where
dealing with compressed XML input. Applications
that parsed a document in one go -- a single call to
functions XML_Parse or XML_ParseBuffer -- were not affected.
The smaller the chunks/buffers you use for parsing
previously, the bigger the problem prior to the fix.
Backporters should be careful to no omit parts of
pull request #789 and to include earlier pull request #771,
in order to not break the fix.
- CVE-2023-52426 (bsc#1219561)
-- Fix billion laughs attacks for users
compiling *without* XML_DTD defined (which is not common).
Users with XML_DTD defined have been protected since
Expat >=2.4.0 (and that was CVE-2013-0340 back then).
* Bug fixes:
- Fix parse-size-dependent "invalid token" error for
external entities that start with a byte order mark
- Fix NULL pointer dereference in setContext via
XML_ExternalEntityParserCreate for compilation with
XML_DTD undefined
- Protect against closing entities out of order
* Other changes:
- Improve support for arc4random/arc4random_buf
- Improve buffer growth in XML_GetBuffer and XML_Parse
- xmlwf: Support --help and --version
- xmlwf: Support custom buffer size for XML_GetBuffer and read
- xmlwf: Improve language and URL clickability in help output
- examples: Add new example "element_declarations.c"
- Be stricter about macro XML_CONTEXT_BYTES at build time
- Make inclusion to expat_config.h consistent
- Autotools: configure.ac: Support --disable-maintainer-mode
- Autotools: Sync CMake templates with CMake 3.26
- Autotools: Make installation of shipped man page doc/xmlwf.1
independent of docbook2man availability
- Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
section "Cflags.private" in order to fix compilation
against static libexpat using pkg-config on Windows
- Autotools|CMake: Require a C99 compiler
(a de-facto requirement already since Expat 2.2.2 of 2017)
- Autotools|CMake: Fix PACKAGE_BUGREPORT variable
- Autotools|CMake: Make test suite require a C++11 compiler
- CMake: Require CMake >=3.5.0
- CMake: Lowercase off_t and size_t to help a bug in Meson
- CMake: Sort xmlwf sources alphabetically
- CMake|Windows: Fix generation of DLL file version info
- CMake: Build tests/benchmark/benchmark.c as well for
a build with -DEXPAT_BUILD_TESTS=ON
- docs: Document the importance of isFinal + adjust tests
accordingly
- docs: Improve use of "NULL" and "null"
- docs: Be specific about version of XML (XML 1.0r4)
and version of C (C99); (XML 1.0r5 will need a sponsor.)
- docs: reference.html: Promote function XML_ParseBuffer more
- docs: reference.html: Add HTML anchors to XML_* macros
- docs: reference.html: Upgrade to OK.css 1.2.0
- docs: Fix typos
- docs|CI: Use HTTPS URLs instead of HTTP at various places
- Address compiler warnings
- Address clang-tidy warnings
- Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
for what these numbers do
Patchnames: SUSE-SLE-Micro-6.1-108
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
49 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\nVersion update to 2.7.1:\n\n Bug fixes:\n\n #980 #989 Restore event pointer behavior from Expat 2.6.4\n (that the fix to CVE-2024-8176 changed in 2.7.0);\n affected API functions are:\n - XML_GetCurrentByteCount\n - XML_GetCurrentByteIndex\n - XML_GetCurrentColumnNumber\n - XML_GetCurrentLineNumber\n - XML_GetInputContext\n\n Other changes:\n\n #976 #977 Autotools: Integrate files \"fuzz/xml_lpm_fuzzer.{cpp,proto}\"\n with Automake that were missing from 2.7.0 release tarballs\n #983 #984 Fix printf format specifiers for 32bit Emscripten\n #992 docs: Promote OpenSSF Best Practices self-certification\n #978 tests/benchmark: Resolve mistaken double close\n #986 Address compiler warnings\n #990 #993 Version info bumped from 11:1:10 (libexpat*.so.1.10.1)\n to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/\n for what these numbers do\n\n Infrastructure:\n\n #982 CI: Start running Perl XML::Parser integration tests\n #987 CI: Enforce Clang Static Analyzer clean code\n #991 CI: Re-enable warning clang-analyzer-valist.Uninitialized\n for clang-tidy\n #981 CI: Cover compilation with musl\n #983 #984 CI: Cover compilation with 32bit Emscripten\n #976 #977 CI: Protect against fuzzer files missing from future\n release archives\n\nversion update to 2.7.0 (CVE-2024-8176 [bsc#1239618]):\n\n * Security fixes:\n\n #893 #973 CVE-2024-8176 -- Fix crash from chaining a large number\n of entities caused by stack overflow by resolving use of\n recursion, for all three uses of entities:\n - general entities in character data (\"\u003ce\u003e\u0026g1;\u003c/e\u003e\")\n - general entities in attribute values (\"\u003ce k1=\u0027\u0026g1;\u0027/\u003e\")\n - parameter entities (\"%p1;\")\n Known impact is (reliable and easy) denial of service:\n CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C\n (Base Score: 7.5, Temporal Score: 7.2)\n Please note that a layer of compression around XML can\n significantly reduce the minimum attack payload size.\n\n * Other changes:\n #935 #937 Autotools: Make generated CMake files look for\n libexpat.@SO_MAJOR@.dylib on macOS\n #925 Autotools: Sync CMake templates with CMake 3.29\n #945 #962 #966 CMake: Drop support for CMake \u003c3.13\n #942 CMake: Small fuzzing related improvements\n #921 docs: Add missing documentation of error code\n XML_ERROR_NOT_STARTED that was introduced with 2.6.4\n #941 docs: Document need for C++11 compiler for use from C++\n #959 tests/benchmark: Fix a (harmless) TOCTTOU\n #944 Windows: Fix installer target location of file xmlwf.xml\n for CMake\n #953 Windows: Address warning -Wunknown-warning-option\n about -Wno-pedantic-ms-format from LLVM MinGW\n #971 Address Cppcheck warnings\n #969 #970 Mass-migrate links from http:// to https://\n #947 #958 ..\n #974 #975 Document changes since the previous release\n #974 #975 Version info bumped from 11:0:10 (libexpat*.so.1.10.0)\n to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/\n for what these numbers do\n\n- no source changes, just adding jira reference: jsc#SLE-21253\n\nVersion update to 2.6.4 \n\n * Security fixes: [bsc#1232601][bsc#1232579]\n #915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser\n from a NULL pointer dereference by disallowing function\n XML_StopParser to (stop or) suspend an unstarted parser.\n A new error code XML_ERROR_NOT_STARTED was introduced to\n properly communicate this situation. // CWE-476 CWE-754\n * Other changes:\n #903 CMake: Add alias target \"expat::expat\"\n #905 docs: Document use via CMake \u003e=3.18 with FetchContent\n and SOURCE_SUBDIR and its consequences\n #902 tests: Reduce use of global parser instance\n #904 tests: Resolve duplicate handler\n #317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903)\n #914 Fix signedness of format strings\n #919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3)\n to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/\n for what these numbers do\n\nUpdate to 2.6.3: \n\n * Security fixes:\n\n - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with\n len \u003c 0 without noticing and then calling XML_GetBuffer\n will have XML_ParseBuffer fail to recognize the problem\n and XML_GetBuffer corrupt memory.\n With the fix, XML_ParseBuffer now complains with error\n XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse\n has been doing since Expat 2.2.1, and now documented.\n Impact is denial of service to potentially artitrary code\n execution.\n - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an\n integer overflow for nDefaultAtts on 32-bit platforms\n (where UINT_MAX equals SIZE_MAX).\n Impact is denial of service to potentially artitrary code\n execution.\n - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can\n have an integer overflow for m_groupSize on 32-bit\n platforms (where UINT_MAX equals SIZE_MAX).\n Impact is denial of service to potentially artitrary code\n execution.\n\nUpdate to 2.6.2:\n\n * CVE-2024-28757 -- Prevent billion laughs attacks with isolated\n use of external parsers (bsc#1221289)\n * Reject direct parameter entity recursion and avoid the related\n undefined behavior\n\nUpdate to 2.6.1:\n\n * Expose billion laughs API with XML_DTD defined and XML_GE\n undefined, regression from 2.6.0\n * Make tests independent of CPU speed, and thus more robust\n\nUpdate to 2.6.0: \n\n * Security fixes:\n - CVE-2023-52425 (bsc#1219559) \n -- Fix quadratic runtime issues with big tokens\n that can cause denial of service, in partial where\n dealing with compressed XML input. Applications\n that parsed a document in one go -- a single call to\n functions XML_Parse or XML_ParseBuffer -- were not affected.\n The smaller the chunks/buffers you use for parsing\n previously, the bigger the problem prior to the fix.\n Backporters should be careful to no omit parts of\n pull request #789 and to include earlier pull request #771,\n in order to not break the fix.\n - CVE-2023-52426 (bsc#1219561)\n -- Fix billion laughs attacks for users\n compiling *without* XML_DTD defined (which is not common).\n Users with XML_DTD defined have been protected since\n Expat \u003e=2.4.0 (and that was CVE-2013-0340 back then).\n * Bug fixes:\n - Fix parse-size-dependent \"invalid token\" error for\n external entities that start with a byte order mark\n - Fix NULL pointer dereference in setContext via\n XML_ExternalEntityParserCreate for compilation with\n XML_DTD undefined\n - Protect against closing entities out of order\n * Other changes:\n - Improve support for arc4random/arc4random_buf\n - Improve buffer growth in XML_GetBuffer and XML_Parse\n - xmlwf: Support --help and --version\n - xmlwf: Support custom buffer size for XML_GetBuffer and read\n - xmlwf: Improve language and URL clickability in help output\n - examples: Add new example \"element_declarations.c\"\n - Be stricter about macro XML_CONTEXT_BYTES at build time\n - Make inclusion to expat_config.h consistent\n - Autotools: configure.ac: Support --disable-maintainer-mode\n - Autotools: Sync CMake templates with CMake 3.26\n - Autotools: Make installation of shipped man page doc/xmlwf.1\n independent of docbook2man availability\n - Autotools|CMake: Add missing -DXML_STATIC to pkg-config file\n section \"Cflags.private\" in order to fix compilation\n against static libexpat using pkg-config on Windows\n - Autotools|CMake: Require a C99 compiler\n (a de-facto requirement already since Expat 2.2.2 of 2017)\n - Autotools|CMake: Fix PACKAGE_BUGREPORT variable\n - Autotools|CMake: Make test suite require a C++11 compiler\n - CMake: Require CMake \u003e=3.5.0\n - CMake: Lowercase off_t and size_t to help a bug in Meson\n - CMake: Sort xmlwf sources alphabetically\n - CMake|Windows: Fix generation of DLL file version info\n - CMake: Build tests/benchmark/benchmark.c as well for\n a build with -DEXPAT_BUILD_TESTS=ON\n - docs: Document the importance of isFinal + adjust tests\n accordingly\n - docs: Improve use of \"NULL\" and \"null\"\n - docs: Be specific about version of XML (XML 1.0r4)\n and version of C (C99); (XML 1.0r5 will need a sponsor.)\n - docs: reference.html: Promote function XML_ParseBuffer more\n - docs: reference.html: Add HTML anchors to XML_* macros\n - docs: reference.html: Upgrade to OK.css 1.2.0\n - docs: Fix typos\n - docs|CI: Use HTTPS URLs instead of HTTP at various places\n - Address compiler warnings\n - Address clang-tidy warnings\n - Version info bumped from 9:10:8 (libexpat*.so.1.8.10)\n to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/\n for what these numbers do\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-108",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20311-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20311-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520311-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20311-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021027.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219559",
"url": "https://bugzilla.suse.com/1219559"
},
{
"category": "self",
"summary": "SUSE Bug 1219561",
"url": "https://bugzilla.suse.com/1219561"
},
{
"category": "self",
"summary": "SUSE Bug 1221289",
"url": "https://bugzilla.suse.com/1221289"
},
{
"category": "self",
"summary": "SUSE Bug 1229930",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "self",
"summary": "SUSE Bug 1229931",
"url": "https://bugzilla.suse.com/1229931"
},
{
"category": "self",
"summary": "SUSE Bug 1229932",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "self",
"summary": "SUSE Bug 1232579",
"url": "https://bugzilla.suse.com/1232579"
},
{
"category": "self",
"summary": "SUSE Bug 1232601",
"url": "https://bugzilla.suse.com/1232601"
},
{
"category": "self",
"summary": "SUSE Bug 1239618",
"url": "https://bugzilla.suse.com/1239618"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0340 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52426 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45490 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45491 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45492 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-8176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-8176/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-05-13T13:37:27Z",
"generator": {
"date": "2025-05-13T13:37:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20311-1",
"initial_release_date": "2025-05-13T13:37:27Z",
"revision_history": [
{
"date": "2025-05-13T13:37:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"product_id": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"product_id": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"product_id": "libexpat1-2.7.1-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
"product_id": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0340"
}
],
"notes": [
{
"category": "general",
"text": "expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0340",
"url": "https://www.suse.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "SUSE Bug 805236 for CVE-2013-0340",
"url": "https://bugzilla.suse.com/805236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2013-0340"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
},
{
"cve": "CVE-2023-52425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52425"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52425",
"url": "https://www.suse.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "SUSE Bug 1219559 for CVE-2023-52425",
"url": "https://bugzilla.suse.com/1219559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52426"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52426",
"url": "https://www.suse.com/security/cve/CVE-2023-52426"
},
{
"category": "external",
"summary": "SUSE Bug 1219561 for CVE-2023-52426",
"url": "https://bugzilla.suse.com/1219561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-28757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28757"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28757",
"url": "https://www.suse.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "SUSE Bug 1221289 for CVE-2024-28757",
"url": "https://bugzilla.suse.com/1221289"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "important"
}
],
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-45490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45490"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45490",
"url": "https://www.suse.com/security/cve/CVE-2024-45490"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229962 for CVE-2024-45490",
"url": "https://bugzilla.suse.com/1229962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45491"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45491",
"url": "https://www.suse.com/security/cve/CVE-2024-45491"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229931 for CVE-2024-45491",
"url": "https://bugzilla.suse.com/1229931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45492"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45492",
"url": "https://www.suse.com/security/cve/CVE-2024-45492"
},
{
"category": "external",
"summary": "SUSE Bug 1229930 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229930"
},
{
"category": "external",
"summary": "SUSE Bug 1229932 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229932"
},
{
"category": "external",
"summary": "SUSE Bug 1229964 for CVE-2024-45492",
"url": "https://bugzilla.suse.com/1229964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50602"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50602",
"url": "https://www.suse.com/security/cve/CVE-2024-50602"
},
{
"category": "external",
"summary": "SUSE Bug 1232579 for CVE-2024-50602",
"url": "https://bugzilla.suse.com/1232579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-8176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-8176"
}
],
"notes": [
{
"category": "general",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-8176",
"url": "https://www.suse.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "SUSE Bug 1239618 for CVE-2024-8176",
"url": "https://bugzilla.suse.com/1239618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-13T13:37:27Z",
"details": "important"
}
],
"title": "CVE-2024-8176"
}
]
}
WID-SEC-W-2024-0591
Vulnerability from csaf_certbund - Published: 2024-03-10 23:00 - Updated: 2026-04-15 22:00Summary
expat: Schwachstelle ermöglicht Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Expat ist ein XML Parser, der in der Programmiersprache-C geschrieben ist.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in expat ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
NetApp ActiveIQ Unified Manager for VMware vSphere
NetApp / ActiveIQ Unified Manager
|
cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere
|
for VMware vSphere | |
|
OpenBSD OpenBSD 7.4
OpenBSD / OpenBSD
|
cpe:/a:openbsd:openbsd:7.4
|
7.4 | |
|
OpenBSD OpenBSD 7.3
OpenBSD / OpenBSD
|
cpe:/a:openbsd:openbsd:7.3
|
7.3 | |
|
Red Hat OpenShift Container Platform <4.14.63
Red Hat / OpenShift
|
Container Platform <4.14.63 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source expat <2.6.2
Open Source / expat
|
<2.6.2 | ||
|
Red Hat OpenShift Container Platform <4.15.62
Red Hat / OpenShift
|
Container Platform <4.15.62 | ||
|
IBM AIX 7.3
IBM / AIX
|
cpe:/o:ibm:aix:7.3
|
7.3 | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Xerox FreeFlow Print Server v9 for Solaris
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9_for_solaris
|
v9 for Solaris | |
|
Dell PowerScale OneFS
Dell
|
cpe:/a:dell:powerscale_onefs:onefs
|
— | |
|
Insyde UEFI Firmware kernel
Insyde / UEFI Firmware
|
cpe:/h:insyde:uefi:kernel
|
kernel | |
|
IBM VIOS 4.1
IBM / VIOS
|
cpe:/a:ibm:vios:4.1
|
4.1 | |
|
NetApp Data ONTAP 9
NetApp / Data ONTAP
|
cpe:/a:netapp:data_ontap:9
|
9 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.35
Red Hat / OpenShift
|
Container Platform <4.18.35 | ||
|
Red Hat OpenShift Container Platform <4.17.51
Red Hat / OpenShift
|
Container Platform <4.17.51 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.65
Red Hat / OpenShift
|
Container Platform <4.13.65 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.58
Red Hat / OpenShift
|
Container Platform <4.16.58 | ||
|
Hitachi Energy RTU500
Hitachi Energy
|
cpe:/h:abb:rtu500:-
|
— | |
|
Red Hat OpenShift Container Platform <4.19.28
Red Hat / OpenShift
|
Container Platform <4.19.28 |
References
45 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Expat ist ein XML Parser, der in der Programmiersprache-C geschrieben ist.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in expat ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0591 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0591.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0591 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0591"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-03-10",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268766"
},
{
"category": "external",
"summary": "Red Hat Bugzilla vom 2024-03-10",
"url": "https://access.redhat.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "Github Security Advisory",
"url": "https://github.com/advisories/GHSA-ch5v-h69f-mxc8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-AFB73E6F62 vom 2024-03-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-afb73e6f62"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-40B98C9CED vom 2024-03-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-40b98c9ced"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-4E6E660FAE vom 2024-03-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-4e6e660fae"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6694-1 vom 2024-03-14",
"url": "https://ubuntu.com/security/notices/USN-6694-1"
},
{
"category": "external",
"summary": "OpenBSD 7.4 Errata",
"url": "https://www.openbsd.org/errata74.html#015"
},
{
"category": "external",
"summary": "OpenBSD 7.3 Errata",
"url": "https://www.openbsd.org/errata73.html#027"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1530 vom 2024-03-26",
"url": "https://access.redhat.com/errata/RHSA-2024:1530"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-1530 vom 2024-03-27",
"url": "https://linux.oracle.com/errata/ELSA-2024-1530.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7149178"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2633 vom 2024-05-01",
"url": "https://access.redhat.com/errata/RHSA-2024:2633"
},
{
"category": "external",
"summary": "Insyde Security Advisory INSYDE-SA-2024002 vom 2024-05-14",
"url": "https://www.insyde.com/security-pledge/SA-2024002"
},
{
"category": "external",
"summary": "F5 Security Advisory K000139637 vom 2024-05-16",
"url": "https://my.f5.com/manage/s/article/K000139637"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6985269 vom 2024-06-14",
"url": "https://www.ibm.com/support/pages/node/7157444"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3926 vom 2024-06-14",
"url": "https://access.redhat.com/errata/RHSA-2024:3926"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4631 vom 2024-07-18",
"url": "https://access.redhat.com/errata/RHSA-2024:4631"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1129-2 vom 2024-08-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019237.html"
},
{
"category": "external",
"summary": "DELL Security Update for Dell PowerScale OneFS",
"url": "https://www.dell.com/support/kbdoc/en-us/000228207/dsa-2024-346-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-39D459DD00 vom 2024-09-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-39d459dd00"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-2B163F9201 vom 2024-09-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2b163f9201"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-F750328C3B vom 2024-09-10",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-f750328c3b"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-308628EBB8 vom 2024-09-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-308628ebb8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-F652468298 vom 2024-09-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-f652468298"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-1E6D6F8452 vom 2024-09-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-1e6d6f8452"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-7A069F48E4 vom 2024-09-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-7a069f48e4"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-6DEDBC5CF9 vom 2024-09-11",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-6dedbc5cf9"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-422 vom 2024-10-10",
"url": "https://www.dell.com/support/kbdoc/de-de/000234730/dsa-2024-422-security-update-for-dell-networker-vproxy-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-001 vom 2025-01-13",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-001-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20311-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021027.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20207-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021128.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20045-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021308.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240322-0001 vom 2025-06-27",
"url": "https://security.netapp.com/advisory/NTAP-20240322-0001"
},
{
"category": "external",
"summary": "Hitachi Cybersecurity Advisory vom 2025-09-09",
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000220\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=launch"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21974 vom 2025-11-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-21974.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3876 vom 2026-03-11",
"url": "https://access.redhat.com/errata/RHSA-2026:3876"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4419 vom 2026-03-19",
"url": "https://access.redhat.com/errata/RHSA-2026:4419"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4465 vom 2026-03-19",
"url": "https://access.redhat.com/errata/RHSA-2026:4465"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4480 vom 2026-03-20",
"url": "https://access.redhat.com/errata/RHSA-2026:4480"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5087 vom 2026-03-26",
"url": "https://access.redhat.com/errata/RHSA-2026:5087"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7239 vom 2026-04-16",
"url": "https://access.redhat.com/errata/RHSA-2026:7239"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7243 vom 2026-04-16",
"url": "https://access.redhat.com/errata/RHSA-2026:7243"
}
],
"source_lang": "en-US",
"title": "expat: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2026-04-15T22:00:00.000+00:00",
"generator": {
"date": "2026-04-16T11:19:04.626+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-0591",
"initial_release_date": "2024-03-10T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-10T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-03-14T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-03-18T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-03-26T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-04-23T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-13T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Insyde aufgenommen"
},
{
"date": "2024-05-15T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2024-06-13T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2024-07-18T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-19T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-01-12T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-29T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "21",
"summary": "Referenz(en) aufgenommen:"
},
{
"date": "2025-09-08T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-03-10T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-19T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-25T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-15T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "28"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerScale OneFS",
"product": {
"name": "Dell PowerScale OneFS",
"product_id": "T034610",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerscale_onefs:onefs"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Energy RTU500",
"product": {
"name": "Hitachi Energy RTU500",
"product_id": "T027844",
"product_identification_helper": {
"cpe": "cpe:/h:abb:rtu500:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi Energy"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM VIOS 4.1",
"product_id": "1522854",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:4.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel",
"product": {
"name": "Insyde UEFI Firmware kernel",
"product_id": "T034716",
"product_identification_helper": {
"cpe": "cpe:/h:insyde:uefi:kernel"
}
}
}
],
"category": "product_name",
"name": "UEFI Firmware"
}
],
"category": "vendor",
"name": "Insyde"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "for VMware vSphere",
"product": {
"name": "NetApp ActiveIQ Unified Manager for VMware vSphere",
"product_id": "T025152",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere"
}
}
}
],
"category": "product_name",
"name": "ActiveIQ Unified Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.6.2",
"product": {
"name": "Open Source expat \u003c2.6.2",
"product_id": "T033352"
}
},
{
"category": "product_version",
"name": "2.6.2",
"product": {
"name": "Open Source expat 2.6.2",
"product_id": "T033352-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:expat:expat:2.6.2"
}
}
}
],
"category": "product_name",
"name": "expat"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "OpenBSD OpenBSD 7.4",
"product_id": "T033213",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openbsd:7.4"
}
}
},
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "OpenBSD OpenBSD 7.3",
"product_id": "T033214",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openbsd:7.3"
}
}
}
],
"category": "product_name",
"name": "OpenBSD"
}
],
"category": "vendor",
"name": "OpenBSD"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.35",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.35",
"product_id": "T051608"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.35",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.35",
"product_id": "T051608-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.35"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.51",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.51",
"product_id": "T051805"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.51",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.51",
"product_id": "T051805-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.51"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.15.62",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.15.62",
"product_id": "T051881"
}
},
{
"category": "product_version",
"name": "Container Platform 4.15.62",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15.62",
"product_id": "T051881-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.15.62"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.16.58",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.16.58",
"product_id": "T051889"
}
},
{
"category": "product_version",
"name": "Container Platform 4.16.58",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16.58",
"product_id": "T051889-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.16.58"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.63",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.63",
"product_id": "T052152"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.63",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.63",
"product_id": "T052152-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.63"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.65",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.65",
"product_id": "T052914"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.65",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.65",
"product_id": "T052914-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.65"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.19.28",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.19.28",
"product_id": "T052919"
}
},
{
"category": "product_version",
"name": "Container Platform 4.19.28",
"product": {
"name": "Red Hat OpenShift Container Platform 4.19.28",
"product_id": "T052919-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.19.28"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v9 for Solaris",
"product": {
"name": "Xerox FreeFlow Print Server v9 for Solaris",
"product_id": "T028053",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9_for_solaris"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28757",
"product_status": {
"known_affected": [
"T025152",
"T033213",
"T033214",
"T052152",
"67646",
"T004914",
"T033352",
"T051881",
"1139691",
"T001663",
"T028053",
"T034610",
"T034716",
"1522854",
"T039981",
"74185",
"T032495",
"T051608",
"T051805",
"T002207",
"T052914",
"T000126",
"T051889",
"T027844",
"T052919"
]
},
"release_date": "2024-03-10T23:00:00.000+00:00",
"title": "CVE-2024-28757"
}
]
}
WID-SEC-W-2024-1360
Vulnerability from csaf_certbund - Published: 2024-06-11 22:00 - Updated: 2026-01-25 23:00Summary
IBM DB2: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.
Angriff: Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM DB2 ausnutzen, um einen Denial of Service Angriff durchzuführen, beliebigen Code auszuführen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
IBM DB2 <V10.5
IBM / DB2
|
<V10.5 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM DB2 <V11.5
IBM / DB2
|
<V11.5 | ||
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
IBM License Metric Tool 9.2
IBM / License Metric Tool
|
cpe:/a:ibm:license_metric_tool:9.2
|
9.2 | |
|
IBM DB2 Big SQL
IBM / DB2
|
cpe:/a:ibm:db2:big_sql
|
Big SQL | |
|
Atlassian Confluence Data Center <8.9.3
Atlassian / Confluence
|
Data Center <8.9.3 | ||
|
HCL Commerce
HCL
|
cpe:/a:hcltechsw:commerce:-
|
— | |
|
IBM Tivoli Key Lifecycle Manager
IBM
|
cpe:/a:ibm:tivoli_key_lifecycle_manager:-
|
— | |
|
IBM Tivoli Business Service Manager <6.2.0.5 IF5
IBM / Tivoli Business Service Manager
|
<6.2.0.5 IF5 | ||
|
IBM DB2 <V11.1
IBM / DB2
|
<V11.1 | ||
|
Atlassian Confluence <7.19.24 LTS
Atlassian / Confluence
|
<7.19.24 LTS | ||
|
Atlassian Confluence <8.5.11 LTS
Atlassian / Confluence
|
<8.5.11 LTS |
References
18 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM DB2 ist ein relationales Datenbanksystem (RDBS) von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in IBM DB2 ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, beliebigen Code auszuf\u00fchren und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1360 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1360.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1360 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1360"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156844 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156844"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156845 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156845"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156846 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156846"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156847 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156847"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156848 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156848"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156849 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156849"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156850 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156850"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156851 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156851"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7156852 vom 2024-06-11",
"url": "https://www.ibm.com/support/pages/node/7156852"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - June 18 2024",
"url": "https://confluence.atlassian.com/security/security-bulletin-june-18-2024-1409286211.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7159926 vom 2024-07-10",
"url": "https://www.ibm.com/support/pages/node/7159926"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7167605 vom 2024-09-05",
"url": "https://www.ibm.com/support/pages/node/7167605"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7168022 vom 2024-09-10",
"url": "https://www.ibm.com/support/pages/node/7168022"
},
{
"category": "external",
"summary": "HCL Security Advisory vom 2024-11-30",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=ab451f7ffb0a5210db10f2797befdcca"
},
{
"category": "external",
"summary": "Deell Security Update",
"url": "https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7257981 vom 2026-01-25",
"url": "https://www.ibm.com/support/pages/node/7257981"
}
],
"source_lang": "en-US",
"title": "IBM DB2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-25T23:00:00.000+00:00",
"generator": {
"date": "2026-01-26T09:36:06.989+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-1360",
"initial_release_date": "2024-06-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-18T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-05T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2024-12-01T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Dell und IBM aufgenommen"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c8.9.3",
"product": {
"name": "Atlassian Confluence Data Center \u003c8.9.3",
"product_id": "T035527"
}
},
{
"category": "product_version",
"name": "Data Center 8.9.3",
"product": {
"name": "Atlassian Confluence Data Center 8.9.3",
"product_id": "T035527-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__8.9.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.11 LTS",
"product": {
"name": "Atlassian Confluence \u003c8.5.11 LTS",
"product_id": "T035530"
}
},
{
"category": "product_version",
"name": "8.5.11 LTS",
"product": {
"name": "Atlassian Confluence 8.5.11 LTS",
"product_id": "T035530-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.11_lts"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.19.24 LTS",
"product": {
"name": "Atlassian Confluence \u003c7.19.24 LTS",
"product_id": "T035531"
}
},
{
"category": "product_version",
"name": "7.19.24 LTS",
"product": {
"name": "Atlassian Confluence 7.19.24 LTS",
"product_id": "T035531-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:7.19.24_lts"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12",
"product_id": "T050283"
}
},
{
"category": "product_version",
"name": "19.12",
"product": {
"name": "Dell Data Protection Advisor 19.12",
"product_id": "T050283-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL Commerce",
"product": {
"name": "HCL Commerce",
"product_id": "T019293",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Big SQL",
"product": {
"name": "IBM DB2 Big SQL",
"product_id": "T022379",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:big_sql"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV10.5",
"product": {
"name": "IBM DB2 \u003cV10.5",
"product_id": "T035400"
}
},
{
"category": "product_version",
"name": "V10.5",
"product": {
"name": "IBM DB2 V10.5",
"product_id": "T035400-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v10.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV11.1",
"product": {
"name": "IBM DB2 \u003cV11.1",
"product_id": "T035401"
}
},
{
"category": "product_version",
"name": "V11.1",
"product": {
"name": "IBM DB2 V11.1",
"product_id": "T035401-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v11.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003cV11.5",
"product": {
"name": "IBM DB2 \u003cV11.5",
"product_id": "T035402"
}
},
{
"category": "product_version",
"name": "V11.5",
"product": {
"name": "IBM DB2 V11.5",
"product_id": "T035402-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v11.5"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "IBM License Metric Tool 9.2",
"product_id": "T027649",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.2.0.5 IF5",
"product": {
"name": "IBM Tivoli Business Service Manager \u003c6.2.0.5 IF5",
"product_id": "T037436"
}
},
{
"category": "product_version",
"name": "6.2.0.5 IF5",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0.5 IF5",
"product_id": "T037436-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0.5_if5"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"category": "product_name",
"name": "IBM Tivoli Key Lifecycle Manager",
"product": {
"name": "IBM Tivoli Key Lifecycle Manager",
"product_id": "T026238",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29267",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2023-29267"
},
{
"cve": "CVE-2023-45853",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2023-45853"
},
{
"cve": "CVE-2024-25710",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26308",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-28762",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-28762"
},
{
"cve": "CVE-2024-29025",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-31880",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-31880"
},
{
"cve": "CVE-2024-31881",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-31881"
},
{
"cve": "CVE-2024-28757",
"product_status": {
"known_affected": [
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035400",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-29131",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-29133",
"product_status": {
"known_affected": [
"T035402",
"T050283",
"T027649",
"T022379",
"T035527",
"T019293",
"T026238",
"T037436",
"T035401",
"T035531",
"T035530"
]
},
"release_date": "2024-06-11T22:00:00.000+00:00",
"title": "CVE-2024-29133"
}
]
}
WID-SEC-W-2024-1474
Vulnerability from csaf_certbund - Published: 2024-06-27 22:00 - Updated: 2025-08-26 22:00Summary
Red Hat OpenShift Container Platform: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
Red Hat OpenShift Container Platform <4.12.63
Red Hat / OpenShift
|
Container Platform <4.12.63 | ||
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.1
Red Hat / OpenShift
|
Container Platform <4.16.1 | ||
|
Red Hat Ansible Automation Platform
Red Hat
|
cpe:/a:redhat:ansible_automation_platform:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.28
Red Hat / OpenShift
|
Container Platform <4.15.28 | ||
|
Red Hat OpenShift Container Platform <4.14.38
Red Hat / OpenShift
|
Container Platform <4.14.38 | ||
|
Red Hat OpenShift <4.16.24
Red Hat / OpenShift
|
<4.16.24 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Red Hat OpenShift Run Once Duration Override Operator 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:run_once_duration_override_operator_1
|
Run Once Duration Override Operator 1 | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.16.0
Red Hat / OpenShift
|
Container Platform <4.16.0 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift API for Data Protection 1
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:api_for_data_protection_1
|
API for Data Protection 1 | |
|
Red Hat OpenShift Virtualization <4.15.5
Red Hat / OpenShift
|
Virtualization <4.15.5 | ||
|
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4
|
Advanced Cluster Security for Kubernetes 4 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat OpenShift Secondary Scheduler Operator
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:::secondary_scheduler_operator
|
Secondary Scheduler Operator | |
|
Red Hat OpenShift Kube Descheduler Operator 5
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:kube_descheduler_operator_5
|
Kube Descheduler Operator 5 | |
|
Red Hat OpenShift Container Platform <4.16.23
Red Hat / OpenShift
|
Container Platform <4.16.23 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Red Hat OpenShift Container Platform <4.18.10
Red Hat / OpenShift
|
Container Platform <4.18.10 |
References
66 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1474 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1474.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1474 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1474"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0040 vom 2024-06-27",
"url": "https://access.redhat.com/errata/RHSA-2024:0040"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0041 vom 2024-06-27",
"url": "https://access.redhat.com/errata/RHSA-2024:0041"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0043 vom 2024-06-27",
"url": "https://access.redhat.com/errata/RHSA-2024:0043"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0045 vom 2024-06-27",
"url": "https://access.redhat.com/errata/RHSA-2024:0045"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3637 vom 2024-07-01",
"url": "https://access.redhat.com/errata/RHSA-2024:3637"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3617 vom 2024-07-01",
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1616 vom 2024-07-01",
"url": "https://access.redhat.com/errata/RHSA-2024:1616"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:3968 vom 2024-07-02",
"url": "https://errata.build.resf.org/RLSA-2024:3968"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4150 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4150"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4159 vom 2024-07-03",
"url": "https://access.redhat.com/errata/RHSA-2024:4159"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-BD8FE42929 vom 2024-07-06",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-bd8fe42929"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4591 vom 2024-07-17",
"url": "https://access.redhat.com/errata/RHSA-2024:4591"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4613 vom 2024-07-25",
"url": "https://access.redhat.com/errata/RHSA-2024:4613"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4699 vom 2024-07-25",
"url": "https://access.redhat.com/errata/RHSA-2024:4699"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4850 vom 2024-07-31",
"url": "https://access.redhat.com/errata/RHSA-2024:4850"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4846 vom 2024-07-31",
"url": "https://access.redhat.com/errata/RHSA-2024:4846"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:4960 vom 2024-08-07",
"url": "https://access.redhat.com/errata/RHSA-2024:4960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5094 vom 2024-08-08",
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5258 vom 2024-08-13",
"url": "https://access.redhat.com/errata/RHSA-2024:5258"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-042 vom 2024-08-13",
"url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-042.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5294 vom 2024-08-14",
"url": "https://access.redhat.com/errata/RHSA-2024:5294"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5294 vom 2024-08-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-5294.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-5258 vom 2024-08-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-5258.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5200 vom 2024-08-19",
"url": "https://access.redhat.com/errata/RHSA-2024:5200"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5202 vom 2024-08-19",
"url": "https://access.redhat.com/errata/RHSA-2024:5202"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5438 vom 2024-08-21",
"url": "https://access.redhat.com/errata/RHSA-2024:5438"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:5951 vom 2024-08-28",
"url": "https://access.redhat.com/errata/RHSA-2024:5951"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6054 vom 2024-08-30",
"url": "https://access.redhat.com/errata/RHSA-2024:6054"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6708 vom 2024-09-16",
"url": "https://access.redhat.com/errata/RHSA-2024:6708"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6755 vom 2024-09-18",
"url": "https://access.redhat.com/errata/RHSA-2024:6755"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6687 vom 2024-09-19",
"url": "https://access.redhat.com/errata/RHSA-2024:6687"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6824 vom 2024-09-24",
"url": "https://access.redhat.com/errata/RHSA-2024:6824"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7164 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7179"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7174 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7174"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7182"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3718 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:3718"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7436 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7436"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:3717 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:3717"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7187 vom 2024-10-03",
"url": "https://access.redhat.com/errata/RHSA-2024:7187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7184 vom 2024-10-03",
"url": "https://access.redhat.com/errata/RHSA-2024:7184"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7323 vom 2024-10-07",
"url": "https://access.redhat.com/errata/RHSA-2024:7323"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8040 vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8040"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7922 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:7922"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7939 vom 2024-10-16",
"url": "https://access.redhat.com/errata/RHSA-2024:7941"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24",
"url": "https://access.redhat.com/errata/RHSA-2024:8260"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8534 vom 2024-10-28",
"url": "https://access.redhat.com/errata/RHSA-2024:8534"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8434 vom 2024-10-29",
"url": "https://access.redhat.com/errata/RHSA-2024:8434"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8425"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9181 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9181"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9098 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9098"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9097 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9097"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9102 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9102"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9960 vom 2024-11-19",
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9615 vom 2024-11-20",
"url": "https://access.redhat.com/errata/RHSA-2024:9615"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10147 vom 2024-11-26",
"url": "https://access.redhat.com/errata/RHSA-2024:10147"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02",
"url": "https://access.redhat.com/errata/RHSA-2024:8704"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11293"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6122 vom 2025-02-25",
"url": "https://access.redhat.com/errata/RHSA-2024:6122"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4019 vom 2025-04-23",
"url": "https://access.redhat.com/errata/RHSA-2025:4019"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20013-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021364.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20055-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021310.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0323-1 vom 2025-08-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TAOZOXVVSHLUMSNGQ4WCSWQAB5DM7EZH/"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift Container Platform: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-08-26T22:00:00.000+00:00",
"generator": {
"date": "2025-08-27T11:46:37.250+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-1474",
"initial_release_date": "2024-06-27T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-27T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-30T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-02T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2024-07-03T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-07T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-07-17T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-24T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-25T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-30T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-12T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-08-18T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-20T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-28T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-08-29T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-16T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-18T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-25T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-01T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-03T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-16T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-28T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-29T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-30T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-18T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-26T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-02T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-24T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-22T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-08-26T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von openSUSE aufgenommen"
}
],
"status": "final",
"version": "42"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform",
"product": {
"name": "Red Hat Ansible Automation Platform",
"product_id": "T031834",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T027916",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T033787",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Secondary Scheduler Operator",
"product": {
"name": "Red Hat OpenShift Secondary Scheduler Operator",
"product_id": "T027759",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:::secondary_scheduler_operator"
}
}
},
{
"category": "product_version",
"name": "Kube Descheduler Operator 5",
"product": {
"name": "Red Hat OpenShift Kube Descheduler Operator 5",
"product_id": "T033270",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.16.0",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.16.0",
"product_id": "T035697"
}
},
{
"category": "product_version",
"name": "Container Platform 4.16.0",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16.0",
"product_id": "T035697-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.16.0"
}
}
},
{
"category": "product_version",
"name": "Run Once Duration Override Operator 1",
"product": {
"name": "Red Hat OpenShift Run Once Duration Override Operator 1",
"product_id": "T035698",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:run_once_duration_override_operator_1"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.16.1",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.16.1",
"product_id": "T035804"
}
},
{
"category": "product_version",
"name": "Container Platform 4.16.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16.1",
"product_id": "T035804-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.16.1"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.63",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.63",
"product_id": "T036942"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.63",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.63",
"product_id": "T036942-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.63"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.15.28",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.15.28",
"product_id": "T036960"
}
},
{
"category": "product_version",
"name": "Container Platform 4.15.28",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15.28",
"product_id": "T036960-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.15.28"
}
}
},
{
"category": "product_version_range",
"name": "Virtualization \u003c4.15.5",
"product": {
"name": "Red Hat OpenShift Virtualization \u003c4.15.5",
"product_id": "T037141"
}
},
{
"category": "product_version",
"name": "Virtualization 4.15.5",
"product": {
"name": "Red Hat OpenShift Virtualization 4.15.5",
"product_id": "T037141-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:virtualization__4.15.5"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.38",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.38",
"product_id": "T037940"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.38",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.38",
"product_id": "T037940-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.38"
}
}
},
{
"category": "product_version",
"name": "API for Data Protection 1",
"product": {
"name": "Red Hat OpenShift API for Data Protection 1",
"product_id": "T039224",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:api_for_data_protection_1"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.16.23",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.16.23",
"product_id": "T039272"
}
},
{
"category": "product_version",
"name": "Container Platform 4.16.23",
"product": {
"name": "Red Hat OpenShift Container Platform 4.16.23",
"product_id": "T039272-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.16.23"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.16.24",
"product": {
"name": "Red Hat OpenShift \u003c4.16.24",
"product_id": "T039438"
}
},
{
"category": "product_version",
"name": "4.16.24",
"product": {
"name": "Red Hat OpenShift 4.16.24",
"product_id": "T039438-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.16.24"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.10",
"product_id": "T043077"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.10",
"product_id": "T043077-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.10"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25210",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2019-25210"
},
{
"cve": "CVE-2023-29483",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-29483"
},
{
"cve": "CVE-2023-45142",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-45142"
},
{
"cve": "CVE-2023-45289",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-45289"
},
{
"cve": "CVE-2023-45290",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-45290"
},
{
"cve": "CVE-2023-47108",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-47108"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2024-0874",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-0874"
},
{
"cve": "CVE-2024-1394",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-1394"
},
{
"cve": "CVE-2024-22189",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-22189"
},
{
"cve": "CVE-2024-2398",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-2398"
},
{
"cve": "CVE-2024-24783",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-24783"
},
{
"cve": "CVE-2024-24784",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-24784"
},
{
"cve": "CVE-2024-24785",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-24785"
},
{
"cve": "CVE-2024-24786",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-24786"
},
{
"cve": "CVE-2024-28110",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-28110"
},
{
"cve": "CVE-2024-28176",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-28176"
},
{
"cve": "CVE-2024-28180",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-28180"
},
{
"cve": "CVE-2024-28757",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-28757"
},
{
"cve": "CVE-2024-28849",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-29180",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-29180"
},
{
"cve": "CVE-2024-3177",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-3177"
},
{
"cve": "CVE-2024-3727",
"product_status": {
"known_affected": [
"T033787",
"T036942",
"67646",
"T035804",
"T031834",
"T036960",
"T037940",
"T039438",
"T004914",
"T035698",
"T032255",
"T035697",
"74185",
"T039224",
"T037141",
"T027916",
"T002207",
"T027759",
"T033270",
"T039272",
"T027843",
"398363",
"T043077"
]
},
"release_date": "2024-06-27T22:00:00.000+00:00",
"title": "CVE-2024-3727"
}
]
}
WID-SEC-W-2024-3377
Vulnerability from csaf_certbund - Published: 2024-11-07 23:00 - Updated: 2025-10-12 22:00Summary
Dell PowerProtect Data Domain: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen und um nicht näher beschriebene Auswirkungen zu erzielen.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell / PowerProtect Data Domain
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Dell PowerProtect Data Domain <7.7.5.50
Dell / PowerProtect Data Domain
|
<7.7.5.50 | ||
|
Dell PowerProtect Data Domain <7.10.1.40
Dell / PowerProtect Data Domain
|
<7.10.1.40 | ||
|
Dell PowerProtect Data Domain <7.13.1.10
Dell / PowerProtect Data Domain
|
<7.13.1.10 | ||
|
Dell PowerProtect Data Domain <8.1.0.0
Dell / PowerProtect Data Domain
|
<8.1.0.0 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen und um nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3377 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3377.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3377 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3377"
},
{
"category": "external",
"summary": "Dell Security Update",
"url": "https://www.dell.com/support/kbdoc/de-de/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability"
},
{
"category": "external",
"summary": "Security Update for Dell PowerProtect Data Domain",
"url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03545-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7MGNRMXC5LO5Y66FLOE354VVU5ULQK/"
}
],
"source_lang": "en-US",
"title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-12T22:00:00.000+00:00",
"generator": {
"date": "2025-10-13T09:30:21.853+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-3377",
"initial_release_date": "2024-11-07T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.1.0.0",
"product_id": "T038861"
}
},
{
"category": "product_version",
"name": "8.1.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.1.0.0",
"product_id": "T038861-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.1.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.10",
"product_id": "T038862"
}
},
{
"category": "product_version",
"name": "7.13.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.10",
"product_id": "T038862-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.40",
"product_id": "T038863"
}
},
{
"category": "product_version",
"name": "7.10.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.40",
"product_id": "T038863-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.7.5.50",
"product_id": "T038864"
}
},
{
"category": "product_version",
"name": "7.7.5.50",
"product": {
"name": "Dell PowerProtect Data Domain 7.7.5.50",
"product_id": "T038864-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.7.5.50"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain Management Center",
"product": {
"name": "Dell PowerProtect Data Domain Management Center",
"product_id": "T045853",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain OS",
"product": {
"name": "Dell PowerProtect Data Domain OS",
"product_id": "T045854",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45759",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-45759"
},
{
"cve": "CVE-2024-48010",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48010"
},
{
"cve": "CVE-2024-48011",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-48011"
},
{
"cve": "CVE-2017-16829",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-16829"
},
{
"cve": "CVE-2017-5849",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2017-5849"
},
{
"cve": "CVE-2018-7208",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2018-7208"
},
{
"cve": "CVE-2019-14889",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2019-14889"
},
{
"cve": "CVE-2020-12912",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-12912"
},
{
"cve": "CVE-2020-16135",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-16135"
},
{
"cve": "CVE-2020-1730",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-1730"
},
{
"cve": "CVE-2020-24455",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-24455"
},
{
"cve": "CVE-2020-8694",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8694"
},
{
"cve": "CVE-2020-8695",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2020-8695"
},
{
"cve": "CVE-2021-27219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-27219"
},
{
"cve": "CVE-2021-3565",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3565"
},
{
"cve": "CVE-2021-3634",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2021-3634"
},
{
"cve": "CVE-2022-1210",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1210"
},
{
"cve": "CVE-2022-1622",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1622"
},
{
"cve": "CVE-2022-1996",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-1996"
},
{
"cve": "CVE-2022-22576",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-25313",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-27774",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-27775",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-27776",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-27781",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27782",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-29361",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-29361"
},
{
"cve": "CVE-2022-32205",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2022-32206",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32207",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32208",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32221",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-32221"
},
{
"cve": "CVE-2022-35252",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-35252"
},
{
"cve": "CVE-2022-40023",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40023"
},
{
"cve": "CVE-2022-40090",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-40090"
},
{
"cve": "CVE-2022-42915",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42915"
},
{
"cve": "CVE-2022-42916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-42916"
},
{
"cve": "CVE-2022-43551",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43551"
},
{
"cve": "CVE-2022-43552",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-43552"
},
{
"cve": "CVE-2022-4603",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-4603"
},
{
"cve": "CVE-2022-48064",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48064"
},
{
"cve": "CVE-2022-48624",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2022-48624"
},
{
"cve": "CVE-2023-0461",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-0461"
},
{
"cve": "CVE-2023-1667",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1667"
},
{
"cve": "CVE-2023-1916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-1916"
},
{
"cve": "CVE-2023-20592",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-20592"
},
{
"cve": "CVE-2023-2137",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2137"
},
{
"cve": "CVE-2023-22745",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-22745"
},
{
"cve": "CVE-2023-2283",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2283"
},
{
"cve": "CVE-2023-23914",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23915",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23934",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-23934"
},
{
"cve": "CVE-2023-25577",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-25577"
},
{
"cve": "CVE-2023-26965",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-26965"
},
{
"cve": "CVE-2023-27043",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-2731",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-2731"
},
{
"cve": "CVE-2023-27533",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27533"
},
{
"cve": "CVE-2023-27534",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27534"
},
{
"cve": "CVE-2023-27535",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27535"
},
{
"cve": "CVE-2023-27536",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27536"
},
{
"cve": "CVE-2023-27538",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-27538"
},
{
"cve": "CVE-2023-28319",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28319"
},
{
"cve": "CVE-2023-28320",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28320"
},
{
"cve": "CVE-2023-28321",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28321"
},
{
"cve": "CVE-2023-28322",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-28322"
},
{
"cve": "CVE-2023-31083",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-31083"
},
{
"cve": "CVE-2023-34055",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-34055"
},
{
"cve": "CVE-2023-35116",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-35116"
},
{
"cve": "CVE-2023-38286",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38286"
},
{
"cve": "CVE-2023-38469",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38469"
},
{
"cve": "CVE-2023-38471",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38471"
},
{
"cve": "CVE-2023-38472",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38472"
},
{
"cve": "CVE-2023-38545",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-39197",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39197"
},
{
"cve": "CVE-2023-39198",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39198"
},
{
"cve": "CVE-2023-39804",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-39804"
},
{
"cve": "CVE-2023-40217",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-40217"
},
{
"cve": "CVE-2023-42465",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-42465"
},
{
"cve": "CVE-2023-4255",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-4255"
},
{
"cve": "CVE-2023-45139",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45139"
},
{
"cve": "CVE-2023-45322",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45322"
},
{
"cve": "CVE-2023-45863",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45863"
},
{
"cve": "CVE-2023-45871",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-45871"
},
{
"cve": "CVE-2023-46136",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46136"
},
{
"cve": "CVE-2023-46218",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-46751",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-46751"
},
{
"cve": "CVE-2023-48795",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-50447",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50447"
},
{
"cve": "CVE-2023-5049",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5049"
},
{
"cve": "CVE-2023-50495",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50495"
},
{
"cve": "CVE-2023-50782",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-50782"
},
{
"cve": "CVE-2023-51257",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-51257"
},
{
"cve": "CVE-2023-52425",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-5678",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-5717",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5717"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2023-6004",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6004"
},
{
"cve": "CVE-2023-6597",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2023-6918",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-6918"
},
{
"cve": "CVE-2023-7207",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2023-7207"
},
{
"cve": "CVE-2024-0450",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-0727",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-0985",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-0985"
},
{
"cve": "CVE-2024-21626",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-21626"
},
{
"cve": "CVE-2024-22195",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22195"
},
{
"cve": "CVE-2024-22365",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-22365"
},
{
"cve": "CVE-2024-23651",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23651"
},
{
"cve": "CVE-2024-23652",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23652"
},
{
"cve": "CVE-2024-23653",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23653"
},
{
"cve": "CVE-2024-23672",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-25062",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-26130",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26458",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26458"
},
{
"cve": "CVE-2024-26461",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-26461"
},
{
"cve": "CVE-2024-28085",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-28182",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28219",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28219"
},
{
"cve": "CVE-2024-28757",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T045854",
"T002207",
"T038864",
"T038863",
"T038862",
"T038861"
]
},
"release_date": "2024-11-07T23:00:00.000+00:00",
"title": "CVE-2024-28757"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…