Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-2296 (GCVE-0-2015-2296)
Vulnerability from cvelistv5 – Published: 2015-03-18 16:00 – Updated: 2024-08-06 05:10
VLAI
EPSS
Summary
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2015/03/15/1 | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.openwall.com/lists/oss-security/2015/03/14/4 | mailing-listx_refsource_MLIST |
| http://www.ubuntu.com/usn/USN-2531-1 | vendor-advisoryx_refsource_UBUNTU |
| https://github.com/kennethreitz/requests/commit/3… | x_refsource_CONFIRM |
| http://advisories.mageia.org/MGASA-2015-0120.html | x_refsource_CONFIRM |
| https://warehouse.python.org/project/requests/2.6.0/ | x_refsource_CONFIRM |
Date Public
2015-03-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:10:16.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150314 Re: CVE Request for python-requests session fixation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/15/1"
},
{
"name": "FEDORA-2015-4084",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html"
},
{
"name": "MDVSA-2015:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"
},
{
"name": "[oss-security] 20150314 CVE Request for python-requests session fixation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/14/4"
},
{
"name": "USN-2531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2531-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2015-0120.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://warehouse.python.org/project/requests/2.6.0/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-21T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150314 Re: CVE Request for python-requests session fixation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/15/1"
},
{
"name": "FEDORA-2015-4084",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html"
},
{
"name": "MDVSA-2015:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"
},
{
"name": "[oss-security] 20150314 CVE Request for python-requests session fixation vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/03/14/4"
},
{
"name": "USN-2531-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2531-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2015-0120.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://warehouse.python.org/project/requests/2.6.0/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150314 Re: CVE Request for python-requests session fixation vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/15/1"
},
{
"name": "FEDORA-2015-4084",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html"
},
{
"name": "MDVSA-2015:133",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"
},
{
"name": "[oss-security] 20150314 CVE Request for python-requests session fixation vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/14/4"
},
{
"name": "USN-2531-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2531-1"
},
{
"name": "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc",
"refsource": "CONFIRM",
"url": "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0120.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0120.html"
},
{
"name": "https://warehouse.python.org/project/requests/2.6.0/",
"refsource": "CONFIRM",
"url": "https://warehouse.python.org/project/requests/2.6.0/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2296",
"datePublished": "2015-03-18T16:00:00.000Z",
"dateReserved": "2015-03-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T05:10:16.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-2296",
"date": "2026-06-22",
"epss": "0.03432",
"percentile": "0.87407"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:mageia_project:mageia:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7D2FA5A-6EC3-490B-A6A5-C498C889E30D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEFEBF18-876A-4E3C-A30B-71577B9938CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"18282B8E-738F-495C-B990-F70D0F0F8F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DE39CDB-643B-4126-9CA2-9C50337BBF58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"425B2FDF-69C3-4C0C-8972-E41EC457F791\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB05BA9A-23AE-49D4-A1E7-96F8964A3BFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"800BD957-9C00-41F9-BD04-485698BD55D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FA61528-1797-44A2-99FA-F24866B4A663\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"544C8C6B-0532-4D06-8A50-6C629B5C48F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D34A4A03-6B83-4FED-91DF-73D3DC895879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4016F80B-6EB3-4C5B-B2A6-483A24E9E70C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:python:requests:2.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"330946FA-38DC-4797-AEB3-0B038B828F9A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n resolve_redirects en sessions.py en requests 2.1.0 hasta 2.5.3 permite a atacantes remotos realizar ataques de fijaci\\u00f3n de sesi\\u00f3n a trav\\u00e9s de una cookie sin valor de anfitri\\u00f3n en una redirecci\\u00f3n.\"}]",
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/384.html\"\u003eCWE-384: Session Fixation\u003c/a\u003e",
"id": "CVE-2015-2296",
"lastModified": "2024-11-21T02:27:10.147",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2015-03-18T16:59:03.517",
"references": "[{\"url\": \"http://advisories.mageia.org/MGASA-2015-0120.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/03/14/4\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/03/15/1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2531-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://warehouse.python.org/project/requests/2.6.0/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://advisories.mageia.org/MGASA-2015-0120.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/03/14/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/03/15/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2531-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://warehouse.python.org/project/requests/2.6.0/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-2296\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-03-18T16:59:03.517\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n resolve_redirects en sessions.py en requests 2.1.0 hasta 2.5.3 permite a atacantes remotos realizar ataques de fijaci\u00f3n de sesi\u00f3n a trav\u00e9s de una cookie sin valor de anfitri\u00f3n en una redirecci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:mageia_project:mageia:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D2FA5A-6EC3-490B-A6A5-C498C889E30D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEFEBF18-876A-4E3C-A30B-71577B9938CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18282B8E-738F-495C-B990-F70D0F0F8F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE39CDB-643B-4126-9CA2-9C50337BBF58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"425B2FDF-69C3-4C0C-8972-E41EC457F791\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB05BA9A-23AE-49D4-A1E7-96F8964A3BFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"800BD957-9C00-41F9-BD04-485698BD55D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FA61528-1797-44A2-99FA-F24866B4A663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"544C8C6B-0532-4D06-8A50-6C629B5C48F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D34A4A03-6B83-4FED-91DF-73D3DC895879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4016F80B-6EB3-4C5B-B2A6-483A24E9E70C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:requests:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"330946FA-38DC-4797-AEB3-0B038B828F9A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49A63F39-30BE-443F-AF10-6245587D3359\"}]}]}],\"references\":[{\"url\":\"http://advisories.mageia.org/MGASA-2015-0120.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/03/14/4\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/03/15/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2531-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://warehouse.python.org/project/requests/2.6.0/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://advisories.mageia.org/MGASA-2015-0120.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2015:133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/03/14/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/03/15/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2531-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://warehouse.python.org/project/requests/2.6.0/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/384.html\\\"\u003eCWE-384: Session Fixation\u003c/a\u003e\"}}"
}
}
OPENSUSE-SU-2024:13999-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
python310-requests-2.32.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: python310-requests-2.32.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the python310-requests-2.32.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13999
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "python310-requests-2.32.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the python310-requests-2.32.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13999",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13999-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2014-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18074 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35195 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35195/"
}
],
"title": "python310-requests-2.32.2-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13999-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python310-requests-2.32.2-1.1.aarch64",
"product": {
"name": "python310-requests-2.32.2-1.1.aarch64",
"product_id": "python310-requests-2.32.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-requests-2.32.2-1.1.aarch64",
"product": {
"name": "python311-requests-2.32.2-1.1.aarch64",
"product_id": "python311-requests-2.32.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python312-requests-2.32.2-1.1.aarch64",
"product": {
"name": "python312-requests-2.32.2-1.1.aarch64",
"product_id": "python312-requests-2.32.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-requests-2.32.2-1.1.ppc64le",
"product": {
"name": "python310-requests-2.32.2-1.1.ppc64le",
"product_id": "python310-requests-2.32.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-requests-2.32.2-1.1.ppc64le",
"product": {
"name": "python311-requests-2.32.2-1.1.ppc64le",
"product_id": "python311-requests-2.32.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python312-requests-2.32.2-1.1.ppc64le",
"product": {
"name": "python312-requests-2.32.2-1.1.ppc64le",
"product_id": "python312-requests-2.32.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-requests-2.32.2-1.1.s390x",
"product": {
"name": "python310-requests-2.32.2-1.1.s390x",
"product_id": "python310-requests-2.32.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-requests-2.32.2-1.1.s390x",
"product": {
"name": "python311-requests-2.32.2-1.1.s390x",
"product_id": "python311-requests-2.32.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "python312-requests-2.32.2-1.1.s390x",
"product": {
"name": "python312-requests-2.32.2-1.1.s390x",
"product_id": "python312-requests-2.32.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python310-requests-2.32.2-1.1.x86_64",
"product": {
"name": "python310-requests-2.32.2-1.1.x86_64",
"product_id": "python310-requests-2.32.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-requests-2.32.2-1.1.x86_64",
"product": {
"name": "python311-requests-2.32.2-1.1.x86_64",
"product_id": "python311-requests-2.32.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python312-requests-2.32.2-1.1.x86_64",
"product": {
"name": "python312-requests-2.32.2-1.1.x86_64",
"product_id": "python312-requests-2.32.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-requests-2.32.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64"
},
"product_reference": "python310-requests-2.32.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-requests-2.32.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le"
},
"product_reference": "python310-requests-2.32.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-requests-2.32.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x"
},
"product_reference": "python310-requests-2.32.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python310-requests-2.32.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64"
},
"product_reference": "python310-requests-2.32.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-requests-2.32.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64"
},
"product_reference": "python311-requests-2.32.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-requests-2.32.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le"
},
"product_reference": "python311-requests-2.32.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-requests-2.32.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x"
},
"product_reference": "python311-requests-2.32.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-requests-2.32.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64"
},
"product_reference": "python311-requests-2.32.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-requests-2.32.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64"
},
"product_reference": "python312-requests-2.32.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-requests-2.32.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le"
},
"product_reference": "python312-requests-2.32.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-requests-2.32.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x"
},
"product_reference": "python312-requests-2.32.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python312-requests-2.32.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
},
"product_reference": "python312-requests-2.32.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-1829"
}
],
"notes": [
{
"category": "general",
"text": "Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-1829",
"url": "https://www.suse.com/security/cve/CVE-2014-1829"
},
{
"category": "external",
"summary": "SUSE Bug 897658 for CVE-2014-1829",
"url": "https://bugzilla.suse.com/897658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-1829"
},
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
},
{
"cve": "CVE-2018-18074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18074"
}
],
"notes": [
{
"category": "general",
"text": "The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18074",
"url": "https://www.suse.com/security/cve/CVE-2018-18074"
},
{
"category": "external",
"summary": "SUSE Bug 1111622 for CVE-2018-18074",
"url": "https://bugzilla.suse.com/1111622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-18074"
},
{
"cve": "CVE-2024-35195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35195"
}
],
"notes": [
{
"category": "general",
"text": "Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35195",
"url": "https://www.suse.com/security/cve/CVE-2024-35195"
},
{
"category": "external",
"summary": "SUSE Bug 1224788 for CVE-2024-35195",
"url": "https://bugzilla.suse.com/1224788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python310-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python311-requests-2.32.2-1.1.x86_64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.aarch64",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.ppc64le",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.s390x",
"openSUSE Tumbleweed:python312-requests-2.32.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-35195"
}
]
}
PYSEC-2015-17
Vulnerability from pysec - Published: 2015-03-18 16:59 - Updated: 2021-07-05 00:01
VLAI
Details
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.
Impacted products
| Name | purl | requests | pkg:pypi/requests |
|---|
Aliases
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "requests",
"purl": "pkg:pypi/requests"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3bd8afbff29e50b38f889b2f688785a669b9aafc"
}
],
"repo": "https://github.com/kennethreitz/requests",
"type": "GIT"
},
{
"events": [
{
"introduced": "2.1.0"
},
{
"fixed": "2.6.0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"2.1.0",
"2.2.0",
"2.2.1",
"2.3.0",
"2.4.0",
"2.4.1",
"2.4.2",
"2.4.3",
"2.5.0",
"2.5.1",
"2.5.2",
"2.5.3"
]
}
],
"aliases": [
"CVE-2015-2296",
"GHSA-pg2w-x9wp-vw92"
],
"details": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"id": "PYSEC-2015-17",
"modified": "2021-07-05T00:01:25.716066Z",
"published": "2015-03-18T16:59:00Z",
"references": [
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/03/15/1"
},
{
"type": "ADVISORY",
"url": "http://www.ubuntu.com/usn/USN-2531-1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/03/14/4"
},
{
"type": "FIX",
"url": "https://github.com/kennethreitz/requests/commit/3bd8afbff29e50b38f889b2f688785a669b9aafc"
},
{
"type": "WEB",
"url": "https://warehouse.python.org/project/requests/2.6.0/"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153594.html"
},
{
"type": "ADVISORY",
"url": "http://advisories.mageia.org/MGASA-2015-0120.html"
},
{
"type": "ADVISORY",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-pg2w-x9wp-vw92"
}
]
}
SUSE-FU-2021:2130-1
Vulnerability from csaf_suse - Published: 2021-06-23 07:10 - Updated: 2021-06-23 07:10Summary
Feature implementation for python39-pip, python39-setuptools
Severity
Moderate
Notes
Title of the patch: Feature implementation for python39-pip, python39-setuptools
Description of the patch: This update for python39-pip, python39-setuptools fixes the following issues:
Changes in python39-setuptools:
- Provide `python39-setuptools` version 44.1.1 with vendored dependencies. (jsc#SLE-17532, jsc#SLE-17957)
Changes in python39-pip:
- Provide `python39-pip` version 20.2.4 with vendored dependencies. (jsc#SLE-17532, jsc#SLE-17957)
Patchnames: SUSE-2021-2130,SUSE-SLE-Module-Basesystem-15-SP3-2021-2130
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
6.8 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Feature implementation for python39-pip, python39-setuptools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python39-pip, python39-setuptools fixes the following issues:\n\nChanges in python39-setuptools:\n\n- Provide `python39-setuptools` version 44.1.1 with vendored dependencies. (jsc#SLE-17532, jsc#SLE-17957)\n\nChanges in python39-pip:\n\n- Provide `python39-pip` version 20.2.4 with vendored dependencies. (jsc#SLE-17532, jsc#SLE-17957)\n\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-2130,SUSE-SLE-Module-Basesystem-15-SP3-2021-2130",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-fu-2021_2130-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-FU-2021:2130-1",
"url": "https://www.suse.com/support/update/announcement//suse-fu-20212130-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-FU-2021:2130-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2021-June/019414.html"
},
{
"category": "self",
"summary": "SUSE Bug 1176262",
"url": "https://bugzilla.suse.com/1176262"
},
{
"category": "self",
"summary": "SUSE Bug 1177127",
"url": "https://bugzilla.suse.com/1177127"
},
{
"category": "self",
"summary": "SUSE Bug 1187170",
"url": "https://bugzilla.suse.com/1187170"
},
{
"category": "self",
"summary": "SUSE Bug 428177",
"url": "https://bugzilla.suse.com/428177"
},
{
"category": "self",
"summary": "SUSE Bug 842516",
"url": "https://bugzilla.suse.com/842516"
},
{
"category": "self",
"summary": "SUSE Bug 913229",
"url": "https://bugzilla.suse.com/913229"
},
{
"category": "self",
"summary": "SUSE Bug 930189",
"url": "https://bugzilla.suse.com/930189"
},
{
"category": "self",
"summary": "SUSE Bug 993968",
"url": "https://bugzilla.suse.com/993968"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5123 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8991 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-20916 page",
"url": "https://www.suse.com/security/cve/CVE-2019-20916/"
}
],
"title": "Feature implementation for python39-pip, python39-setuptools",
"tracking": {
"current_release_date": "2021-06-23T07:10:31Z",
"generator": {
"date": "2021-06-23T07:10:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-FU-2021:2130-1",
"initial_release_date": "2021-06-23T07:10:31Z",
"revision_history": [
{
"date": "2021-06-23T07:10:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python39-pip-20.2.4-7.5.1.noarch",
"product": {
"name": "python39-pip-20.2.4-7.5.1.noarch",
"product_id": "python39-pip-20.2.4-7.5.1.noarch"
}
},
{
"category": "product_version",
"name": "python39-setuptools-44.1.1-7.3.1.noarch",
"product": {
"name": "python39-setuptools-44.1.1-7.3.1.noarch",
"product_id": "python39-setuptools-44.1.1-7.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pip-20.2.4-7.5.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch"
},
"product_reference": "python39-pip-20.2.4-7.5.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-setuptools-44.1.1-7.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
},
"product_reference": "python39-setuptools-44.1.1-7.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-5123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5123"
}
],
"notes": [
{
"category": "general",
"text": "The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5123",
"url": "https://www.suse.com/security/cve/CVE-2013-5123"
},
{
"category": "external",
"summary": "SUSE Bug 864406 for CVE-2013-5123",
"url": "https://bugzilla.suse.com/864406"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-23T07:10:31Z",
"details": "moderate"
}
],
"title": "CVE-2013-5123"
},
{
"cve": "CVE-2014-8991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8991"
}
],
"notes": [
{
"category": "general",
"text": "pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8991",
"url": "https://www.suse.com/security/cve/CVE-2014-8991"
},
{
"category": "external",
"summary": "SUSE Bug 907038 for CVE-2014-8991",
"url": "https://bugzilla.suse.com/907038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-23T07:10:31Z",
"details": "moderate"
}
],
"title": "CVE-2014-8991"
},
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-23T07:10:31Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
},
{
"cve": "CVE-2019-20916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-20916"
}
],
"notes": [
{
"category": "general",
"text": "The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-20916",
"url": "https://www.suse.com/security/cve/CVE-2019-20916"
},
{
"category": "external",
"summary": "SUSE Bug 1176262 for CVE-2019-20916",
"url": "https://bugzilla.suse.com/1176262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-pip-20.2.4-7.5.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:python39-setuptools-44.1.1-7.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-06-23T07:10:31Z",
"details": "moderate"
}
],
"title": "CVE-2019-20916"
}
]
}
SUSE-RU-2019:2505-1
Vulnerability from csaf_suse - Published: 2019-10-01 11:10 - Updated: 2019-10-01 11:10Summary
Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner
Severity
Moderate
Notes
Title of the patch: Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner
Description of the patch:
This update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner fixes the following issues:
python-pip was updated to 10.0.1 (fate#324191, bsc#1065275)
Enable python3 build for:
- python-jmespath
- python-jsonschema
- python-paramiko
- python-pexpect
- python-pip
- python-ply
- python-pretend
- python-process-tests
- python-pycodestyle
- python-pyflakes
- python-pyxdg
- python-tabulate
- python-vcversioner
Patchnames: SUSE-2019-2505,SUSE-OpenStack-Cloud-7-2019-2505,SUSE-SLE-DESKTOP-12-SP4-2019-2505,SUSE-SLE-Module-Public-Cloud-12-2019-2505,SUSE-SLE-SERVER-12-SP4-2019-2505
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner fixes the following issues:\n\npython-pip was updated to 10.0.1 (fate#324191, bsc#1065275)\n\nEnable python3 build for:\n\n- python-jmespath\n- python-jsonschema\n- python-paramiko\n- python-pexpect\n- python-pip\n- python-ply\n- python-pretend\n- python-process-tests\n- python-pycodestyle\n- python-pyflakes\n- python-pyxdg\n- python-tabulate\n- python-vcversioner\n\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2505,SUSE-OpenStack-Cloud-7-2019-2505,SUSE-SLE-DESKTOP-12-SP4-2019-2505,SUSE-SLE-Module-Public-Cloud-12-2019-2505,SUSE-SLE-SERVER-12-SP4-2019-2505",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2019_2505-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2019:2505-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20192505-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2019:2505-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2019-October/012610.html"
},
{
"category": "self",
"summary": "SUSE Bug 1065275",
"url": "https://bugzilla.suse.com/1065275"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-5123 page",
"url": "https://www.suse.com/security/cve/CVE-2013-5123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-8991 page",
"url": "https://www.suse.com/security/cve/CVE-2014-8991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
}
],
"title": "Recommended update for python-jmespath, python-jsonschema, python-paramiko, python-pexpect, python-pip, python-ply, python-pretend, python-process-tests, python-pycodestyle, python-pyflakes, python-pyxdg, python-tabulate, python-vcversioner",
"tracking": {
"current_release_date": "2019-10-01T11:10:29Z",
"generator": {
"date": "2019-10-01T11:10:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2019:2505-1",
"initial_release_date": "2019-10-01T11:10:29Z",
"revision_history": [
{
"date": "2019-10-01T11:10:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python-jmespath-0.9.2-10.6.1.noarch",
"product": {
"name": "python-jmespath-0.9.2-10.6.1.noarch",
"product_id": "python-jmespath-0.9.2-10.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python-jsonschema-2.2.0-3.3.1.noarch",
"product": {
"name": "python-jsonschema-2.2.0-3.3.1.noarch",
"product_id": "python-jsonschema-2.2.0-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-paramiko-1.18.5-2.15.1.noarch",
"product": {
"name": "python-paramiko-1.18.5-2.15.1.noarch",
"product_id": "python-paramiko-1.18.5-2.15.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pexpect-2.4-4.3.1.noarch",
"product": {
"name": "python-pexpect-2.4-4.3.1.noarch",
"product_id": "python-pexpect-2.4-4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pip-10.0.1-11.6.1.noarch",
"product": {
"name": "python-pip-10.0.1-11.6.1.noarch",
"product_id": "python-pip-10.0.1-11.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python-ply-3.4-3.3.1.noarch",
"product": {
"name": "python-ply-3.4-3.3.1.noarch",
"product_id": "python-ply-3.4-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-ply-doc-3.4-3.3.1.noarch",
"product": {
"name": "python-ply-doc-3.4-3.3.1.noarch",
"product_id": "python-ply-doc-3.4-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pretend-1.0.8-3.3.1.noarch",
"product": {
"name": "python-pretend-1.0.8-3.3.1.noarch",
"product_id": "python-pretend-1.0.8-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-process-tests-1.2.2-1.3.1.noarch",
"product": {
"name": "python-process-tests-1.2.2-1.3.1.noarch",
"product_id": "python-process-tests-1.2.2-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pycodestyle-2.3.1-1.3.1.noarch",
"product": {
"name": "python-pycodestyle-2.3.1-1.3.1.noarch",
"product_id": "python-pycodestyle-2.3.1-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pyflakes-1.6.0-1.3.1.noarch",
"product": {
"name": "python-pyflakes-1.6.0-1.3.1.noarch",
"product_id": "python-pyflakes-1.6.0-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-pyxdg-0.25-1.3.1.noarch",
"product": {
"name": "python-pyxdg-0.25-1.3.1.noarch",
"product_id": "python-pyxdg-0.25-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-tabulate-0.7.7-1.3.1.noarch",
"product": {
"name": "python-tabulate-0.7.7-1.3.1.noarch",
"product_id": "python-tabulate-0.7.7-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python-vcversioner-2.16.0.0-1.3.1.noarch",
"product": {
"name": "python-vcversioner-2.16.0.0-1.3.1.noarch",
"product_id": "python-vcversioner-2.16.0.0-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-jmespath-0.9.2-10.6.1.noarch",
"product": {
"name": "python3-jmespath-0.9.2-10.6.1.noarch",
"product_id": "python3-jmespath-0.9.2-10.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-jsonschema-2.2.0-3.3.1.noarch",
"product": {
"name": "python3-jsonschema-2.2.0-3.3.1.noarch",
"product_id": "python3-jsonschema-2.2.0-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-paramiko-1.18.5-2.15.1.noarch",
"product": {
"name": "python3-paramiko-1.18.5-2.15.1.noarch",
"product_id": "python3-paramiko-1.18.5-2.15.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pexpect-2.4-4.3.1.noarch",
"product": {
"name": "python3-pexpect-2.4-4.3.1.noarch",
"product_id": "python3-pexpect-2.4-4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pip-10.0.1-11.6.1.noarch",
"product": {
"name": "python3-pip-10.0.1-11.6.1.noarch",
"product_id": "python3-pip-10.0.1-11.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-ply-3.4-3.3.1.noarch",
"product": {
"name": "python3-ply-3.4-3.3.1.noarch",
"product_id": "python3-ply-3.4-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-ply-doc-3.4-3.3.1.noarch",
"product": {
"name": "python3-ply-doc-3.4-3.3.1.noarch",
"product_id": "python3-ply-doc-3.4-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pretend-1.0.8-3.3.1.noarch",
"product": {
"name": "python3-pretend-1.0.8-3.3.1.noarch",
"product_id": "python3-pretend-1.0.8-3.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-process-tests-1.2.2-1.3.1.noarch",
"product": {
"name": "python3-process-tests-1.2.2-1.3.1.noarch",
"product_id": "python3-process-tests-1.2.2-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pycodestyle-2.3.1-1.3.1.noarch",
"product": {
"name": "python3-pycodestyle-2.3.1-1.3.1.noarch",
"product_id": "python3-pycodestyle-2.3.1-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pyflakes-1.6.0-1.3.1.noarch",
"product": {
"name": "python3-pyflakes-1.6.0-1.3.1.noarch",
"product_id": "python3-pyflakes-1.6.0-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-pyxdg-0.25-1.3.1.noarch",
"product": {
"name": "python3-pyxdg-0.25-1.3.1.noarch",
"product_id": "python3-pyxdg-0.25-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-tabulate-0.7.7-1.3.1.noarch",
"product": {
"name": "python3-tabulate-0.7.7-1.3.1.noarch",
"product_id": "python3-tabulate-0.7.7-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-vcversioner-2.16.0.0-1.3.1.noarch",
"product": {
"name": "python3-vcversioner-2.16.0.0-1.3.1.noarch",
"product_id": "python3-vcversioner-2.16.0.0-1.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pip-10.0.1-11.6.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch"
},
"product_reference": "python-pip-10.0.1-11.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ply-3.4-3.3.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
},
"product_reference": "python-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ply-3.4-3.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4",
"product_id": "SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch"
},
"product_reference": "python-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0.9.2-10.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch"
},
"product_reference": "python-jmespath-0.9.2-10.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jsonschema-2.2.0-3.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch"
},
"product_reference": "python-jsonschema-2.2.0-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-1.18.5-2.15.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch"
},
"product_reference": "python-paramiko-1.18.5-2.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pip-10.0.1-11.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch"
},
"product_reference": "python-pip-10.0.1-11.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ply-3.4-3.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch"
},
"product_reference": "python-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jmespath-0.9.2-10.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch"
},
"product_reference": "python3-jmespath-0.9.2-10.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jsonschema-2.2.0-3.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch"
},
"product_reference": "python3-jsonschema-2.2.0-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-paramiko-1.18.5-2.15.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch"
},
"product_reference": "python3-paramiko-1.18.5-2.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pip-10.0.1-11.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch"
},
"product_reference": "python3-pip-10.0.1-11.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ply-3.4-3.3.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch"
},
"product_reference": "python3-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ply-3.4-3.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch"
},
"product_reference": "python-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-ply-3.4-3.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch"
},
"product_reference": "python-ply-3.4-3.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-5123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-5123"
}
],
"notes": [
{
"category": "general",
"text": "The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-5123",
"url": "https://www.suse.com/security/cve/CVE-2013-5123"
},
{
"category": "external",
"summary": "SUSE Bug 864406 for CVE-2013-5123",
"url": "https://bugzilla.suse.com/864406"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-01T11:10:29Z",
"details": "moderate"
}
],
"title": "CVE-2013-5123"
},
{
"cve": "CVE-2014-8991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-8991"
}
],
"notes": [
{
"category": "general",
"text": "pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-8991",
"url": "https://www.suse.com/security/cve/CVE-2014-8991"
},
{
"category": "external",
"summary": "SUSE Bug 907038 for CVE-2014-8991",
"url": "https://bugzilla.suse.com/907038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-01T11:10:29Z",
"details": "moderate"
}
],
"title": "CVE-2014-8991"
},
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jmespath-0.9.2-10.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-jsonschema-2.2.0-3.3.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-paramiko-1.18.5-2.15.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-pip-10.0.1-11.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-ply-3.4-3.3.1.noarch",
"SUSE OpenStack Cloud 7:python-pip-10.0.1-11.6.1.noarch",
"SUSE OpenStack Cloud 7:python-ply-3.4-3.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-01T11:10:29Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
}
]
}
SUSE-SU-2015:2156-1
Vulnerability from csaf_suse - Published: 2015-11-30 11:07 - Updated: 2015-11-30 11:07Summary
Security update for python-requests
Severity
Moderate
Notes
Title of the patch: Security update for python-requests
Description of the patch: python-requests was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-2296: The resolve_redirects function in sessions.py allowed remote attackers to
conduct session fixation attacks via a cookie without a host value in a redirect. (bsc#922448)
This non-security issue was fixed:
- Don't use the hardcoded path for certificates. (bsc#935252)
Patchnames: sleclo50sp3-python-requests-12235
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE OpenStack Cloud 5:python-requests-2.3.0-9.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-requests",
"title": "Title of the patch"
},
{
"category": "description",
"text": "python-requests was updated to fix one security issue.\n\nThis security issue was fixed:\n\n- CVE-2015-2296: The resolve_redirects function in sessions.py allowed remote attackers to\n conduct session fixation attacks via a cookie without a host value in a redirect. (bsc#922448)\n\nThis non-security issue was fixed:\n\n- Don\u0027t use the hardcoded path for certificates. (bsc#935252)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleclo50sp3-python-requests-12235",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_2156-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:2156-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20152156-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:2156-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-November/001704.html"
},
{
"category": "self",
"summary": "SUSE Bug 922448",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "self",
"summary": "SUSE Bug 935252",
"url": "https://bugzilla.suse.com/935252"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
}
],
"title": "Security update for python-requests",
"tracking": {
"current_release_date": "2015-11-30T11:07:43Z",
"generator": {
"date": "2015-11-30T11:07:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:2156-1",
"initial_release_date": "2015-11-30T11:07:43Z",
"revision_history": [
{
"date": "2015-11-30T11:07:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python-requests-2.3.0-9.2.x86_64",
"product": {
"name": "python-requests-2.3.0-9.2.x86_64",
"product_id": "python-requests-2.3.0-9.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 5",
"product": {
"name": "SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:cloud:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.3.0-9.2.x86_64 as component of SUSE OpenStack Cloud 5",
"product_id": "SUSE OpenStack Cloud 5:python-requests-2.3.0-9.2.x86_64"
},
"product_reference": "python-requests-2.3.0-9.2.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE OpenStack Cloud 5:python-requests-2.3.0-9.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE OpenStack Cloud 5:python-requests-2.3.0-9.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-11-30T11:07:43Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
}
]
}
SUSE-SU-2016:0114-1
Vulnerability from csaf_suse - Published: 2016-01-13 20:05 - Updated: 2016-01-13 20:05Summary
Security update for python-requests
Severity
Moderate
Notes
Title of the patch: Security update for python-requests
Description of the patch:
The python-requests module has been updated to version 2.8.1, which brings several
fixes and enhancements:
- Fix handling of cookies on redirect. Previously a cookie without a host value set
would use the hostname for the redirected URL exposing requests users to session
fixation attacks and potentially cookie stealing. (bsc#922448, CVE-2015-2296)
- Add support for per-host proxies. This allows the proxies dictionary to have entries
of the form {'<scheme>://<hostname>': '<proxy>'}. Host-specific
proxies will be used in preference to the previously-supported scheme-specific ones,
but the previous syntax will continue to work.
- Update certificate bundle to match 'certifi' 2015.9.6.2's weak certificate bundle.
- Response.raise_for_status now prints the URL that failed as part of the exception message.
- requests.utils.get_netrc_auth now takes an raise_errors kwarg, defaulting to False.
When True, errors parsing .netrc files cause exceptions to be thrown.
- Change to bundled projects import logic to make it easier to unbundle requests downstream.
- Change the default User-Agent string to avoid leaking data on Linux: now contains only
the requests version.
- The json parameter to post() and friends will now only be used if neither data nor files
are present, consistent with the documentation.
- Empty fields in the NO_PROXY environment variable are now ignored.
- Fix problem where httplib.BadStatusLine would get raised if combining stream=True with
contextlib.closing.
- Prevent bugs where we would attempt to return the same connection back to the connection
pool twice when sending a Chunked body.
- Digest Auth support is now thread safe.
- Resolved several bugs involving chunked transfer encoding and response framing.
- Copy a PreparedRequest's CookieJar more reliably.
- Support bytearrays when passed as parameters in the 'files' argument.
- Avoid data duplication when creating a request with 'str', 'bytes', or 'bytearray'
input to the 'files' argument.
- 'Connection: keep-alive' header is now sent automatically.
- Support for connect timeouts. Timeout now accepts a tuple (connect, read) which is
used to set individual connect and read timeouts.
For a comprehensive list of changes please refer to the package's change log or the
Release Notes at http://docs.python-requests.org/en/latest/community/updates/#id3
Patchnames: SUSE-SLE-DESKTOP-12-SP1-2016-80,SUSE-SLE-HA-12-2016-80,SUSE-SLE-Module-Public-Cloud-12-2016-80,SUSE-SLE-SERVER-12-2016-80,SUSE-SLE-SERVER-12-SP1-2016-80,SUSE-SLE12-CLOUD-5-2016-80,SUSE-Storage-1.0-2016-80,SUSE-Storage-2-2016-80
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 1.0:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 2:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP1:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:python-requests-2.8.1-6.9.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python-requests",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe python-requests module has been updated to version 2.8.1, which brings several\nfixes and enhancements:\n\n- Fix handling of cookies on redirect. Previously a cookie without a host value set\n would use the hostname for the redirected URL exposing requests users to session\n fixation attacks and potentially cookie stealing. (bsc#922448, CVE-2015-2296)\n\n- Add support for per-host proxies. This allows the proxies dictionary to have entries\n of the form {\u0027\u003cscheme\u003e://\u003chostname\u003e\u0027: \u0027\u003cproxy\u003e\u0027}. Host-specific\n proxies will be used in preference to the previously-supported scheme-specific ones,\n but the previous syntax will continue to work.\n- Update certificate bundle to match \u0027certifi\u0027 2015.9.6.2\u0027s weak certificate bundle.\n- Response.raise_for_status now prints the URL that failed as part of the exception message.\n- requests.utils.get_netrc_auth now takes an raise_errors kwarg, defaulting to False.\n When True, errors parsing .netrc files cause exceptions to be thrown.\n- Change to bundled projects import logic to make it easier to unbundle requests downstream.\n- Change the default User-Agent string to avoid leaking data on Linux: now contains only\n the requests version.\n- The json parameter to post() and friends will now only be used if neither data nor files\n are present, consistent with the documentation.\n- Empty fields in the NO_PROXY environment variable are now ignored.\n- Fix problem where httplib.BadStatusLine would get raised if combining stream=True with\n contextlib.closing.\n- Prevent bugs where we would attempt to return the same connection back to the connection\n pool twice when sending a Chunked body.\n- Digest Auth support is now thread safe.\n- Resolved several bugs involving chunked transfer encoding and response framing.\n- Copy a PreparedRequest\u0027s CookieJar more reliably.\n- Support bytearrays when passed as parameters in the \u0027files\u0027 argument.\n- Avoid data duplication when creating a request with \u0027str\u0027, \u0027bytes\u0027, or \u0027bytearray\u0027\n input to the \u0027files\u0027 argument.\n- \u0027Connection: keep-alive\u0027 header is now sent automatically.\n- Support for connect timeouts. Timeout now accepts a tuple (connect, read) which is\n used to set individual connect and read timeouts.\n\nFor a comprehensive list of changes please refer to the package\u0027s change log or the\nRelease Notes at http://docs.python-requests.org/en/latest/community/updates/#id3\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2016-80,SUSE-SLE-HA-12-2016-80,SUSE-SLE-Module-Public-Cloud-12-2016-80,SUSE-SLE-SERVER-12-2016-80,SUSE-SLE-SERVER-12-SP1-2016-80,SUSE-SLE12-CLOUD-5-2016-80,SUSE-Storage-1.0-2016-80,SUSE-Storage-2-2016-80",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0114-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:0114-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160114-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:0114-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-January/001801.html"
},
{
"category": "self",
"summary": "SUSE Bug 922448",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "self",
"summary": "SUSE Bug 929736",
"url": "https://bugzilla.suse.com/929736"
},
{
"category": "self",
"summary": "SUSE Bug 961596",
"url": "https://bugzilla.suse.com/961596"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
}
],
"title": "Security update for python-requests",
"tracking": {
"current_release_date": "2016-01-13T20:05:42Z",
"generator": {
"date": "2016-01-13T20:05:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:0114-1",
"initial_release_date": "2016-01-13T20:05:42Z",
"revision_history": [
{
"date": "2016-01-13T20:05:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python-requests-2.8.1-6.9.1.noarch",
"product": {
"name": "python-requests-2.8.1-6.9.1.noarch",
"product_id": "python-requests-2.8.1-6.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12",
"product_id": "SUSE Linux Enterprise High Availability Extension 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product": {
"name": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-sle12-cloud-compute:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 1.0",
"product": {
"name": "SUSE Enterprise Storage 1.0",
"product_id": "SUSE Enterprise Storage 1.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:1.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 2",
"product": {
"name": "SUSE Enterprise Storage 2",
"product_id": "SUSE Enterprise Storage 2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise High Availability Extension 12",
"product_id": "SUSE Linux Enterprise High Availability Extension 12:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5",
"product_id": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Enterprise Storage 1.0",
"product_id": "SUSE Enterprise Storage 1.0:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-2.8.1-6.9.1.noarch as component of SUSE Enterprise Storage 2",
"product_id": "SUSE Enterprise Storage 2:python-requests-2.8.1-6.9.1.noarch"
},
"product_reference": "python-requests-2.8.1-6.9.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-requests-2.8.1-6.9.1.noarch",
"SUSE Enterprise Storage 1.0:python-requests-2.8.1-6.9.1.noarch",
"SUSE Enterprise Storage 2:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise High Availability Extension 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:python-requests-2.8.1-6.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:python-requests-2.8.1-6.9.1.noarch",
"SUSE Enterprise Storage 1.0:python-requests-2.8.1-6.9.1.noarch",
"SUSE Enterprise Storage 2:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise High Availability Extension 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server 12:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:python-requests-2.8.1-6.9.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:python-requests-2.8.1-6.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-01-13T20:05:42Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
}
]
}
SUSE-SU-2020:1792-1
Vulnerability from csaf_suse - Published: 2020-06-26 12:07 - Updated: 2020-06-26 12:07Summary
Security update for python3-requests
Severity
Moderate
Notes
Title of the patch: Security update for python3-requests
Description of the patch: This update for python3-requests provides the following fix:
python-requests was updated to 2.20.1.
Update to version 2.20.1:
* Fixed bug with unintended Authorization header stripping for
redirects using default ports (http/80, https/443).
Update to version 2.20.0:
* Bugfixes
+ Content-Type header parsing is now case-insensitive
(e.g. charset=utf8 v Charset=utf8).
+ Fixed exception leak where certain redirect urls would raise
uncaught urllib3 exceptions.
+ Requests removes Authorization header from requests redirected
from https to http on the same hostname. (CVE-2018-18074)
+ should_bypass_proxies now handles URIs without hostnames
(e.g. files).
Update to version 2.19.1:
* Fixed issue where status_codes.py’s init function failed trying
to append to a __doc__ value of None.
Update to version 2.19.0:
* Improvements
+ Warn about possible slowdown with cryptography version < 1.3.4
+ Check host in proxy URL, before forwarding request to adapter.
+ Maintain fragments properly across redirects. (RFC7231 7.1.2)
+ Removed use of cgi module to expedite library load time.
+ Added support for SHA-256 and SHA-512 digest auth algorithms.
+ Minor performance improvement to Request.content.
* Bugfixes
+ Parsing empty Link headers with parse_header_links() no longer
return one bogus entry.
+ Fixed issue where loading the default certificate bundle from
a zip archive would raise an IOError.
+ Fixed issue with unexpected ImportError on windows system
which do not support winreg module.
+ DNS resolution in proxy bypass no longer includes the username
and password in the request. This also fixes the issue of DNS
queries failing on macOS.
+ Properly normalize adapter prefixes for url comparison.
+ Passing None as a file pointer to the files param no longer
raises an exception.
+ Calling copy on a RequestsCookieJar will now preserve the
cookie policy correctly.
Update to version 2.18.4:
* Improvements
+ Error messages for invalid headers now include the header name
for easier debugging
Update to version 2.18.3:
* Improvements
+ Running $ python -m requests.help now includes the installed
version of idna.
* Bugfixes
+ Fixed issue where Requests would raise ConnectionError instead
of SSLError when encountering SSL problems when using urllib3
v1.22.
- Add ca-certificates (and ca-certificates-mozilla) to dependencies, otherwise https
connections will fail.
Patchnames: HPE-Helion-OpenStack-8-2020-1792,SUSE-2020-1792,SUSE-OpenStack-Cloud-7-2020-1792,SUSE-OpenStack-Cloud-8-2020-1792,SUSE-OpenStack-Cloud-Crowbar-8-2020-1792,SUSE-SLE-Module-Public-Cloud-12-2020-1792,SUSE-SLE-SAP-12-SP2-2020-1792,SUSE-SLE-SAP-12-SP3-2020-1792,SUSE-SLE-SDK-12-SP5-2020-1792,SUSE-SLE-SERVER-12-SP2-2020-1792,SUSE-SLE-SERVER-12-SP2-BCL-2020-1792,SUSE-SLE-SERVER-12-SP3-2020-1792,SUSE-SLE-SERVER-12-SP3-BCL-2020-1792,SUSE-SLE-SERVER-12-SP4-2020-1792,SUSE-SLE-SERVER-12-SP5-2020-1792,SUSE-SLE-WE-12-SP5-2020-1792,SUSE-SUSE-Manager-Proxy-3.2-2020-1792,SUSE-SUSE-Manager-Server-3.2-2020-1792,SUSE-Storage-5-2020-1792
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
94 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
5.9 (Medium)
Affected products
Recommended
94 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python3-requests",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python3-requests provides the following fix:\n\npython-requests was updated to 2.20.1.\n\nUpdate to version 2.20.1:\n\n* Fixed bug with unintended Authorization header stripping for\n redirects using default ports (http/80, https/443).\n\nUpdate to version 2.20.0:\n\n* Bugfixes\n\n + Content-Type header parsing is now case-insensitive\n (e.g. charset=utf8 v Charset=utf8).\n + Fixed exception leak where certain redirect urls would raise\n uncaught urllib3 exceptions.\n + Requests removes Authorization header from requests redirected\n from https to http on the same hostname. (CVE-2018-18074)\n + should_bypass_proxies now handles URIs without hostnames\n (e.g. files).\n\nUpdate to version 2.19.1:\n\n* Fixed issue where status_codes.py\u2019s init function failed trying\n to append to a __doc__ value of None.\n\nUpdate to version 2.19.0:\n\n* Improvements\n\n + Warn about possible slowdown with cryptography version \u003c 1.3.4\n + Check host in proxy URL, before forwarding request to adapter.\n + Maintain fragments properly across redirects. (RFC7231 7.1.2)\n + Removed use of cgi module to expedite library load time.\n + Added support for SHA-256 and SHA-512 digest auth algorithms.\n + Minor performance improvement to Request.content.\n\n* Bugfixes\n\n + Parsing empty Link headers with parse_header_links() no longer\n return one bogus entry.\n + Fixed issue where loading the default certificate bundle from\n a zip archive would raise an IOError.\n + Fixed issue with unexpected ImportError on windows system\n which do not support winreg module.\n + DNS resolution in proxy bypass no longer includes the username\n and password in the request. This also fixes the issue of DNS\n queries failing on macOS.\n + Properly normalize adapter prefixes for url comparison.\n + Passing None as a file pointer to the files param no longer\n raises an exception.\n + Calling copy on a RequestsCookieJar will now preserve the\n cookie policy correctly.\n\nUpdate to version 2.18.4:\n\n* Improvements\n\n + Error messages for invalid headers now include the header name\n for easier debugging\n\nUpdate to version 2.18.3:\n\n* Improvements\n + Running $ python -m requests.help now includes the installed\n version of idna.\n* Bugfixes\n + Fixed issue where Requests would raise ConnectionError instead\n of SSLError when encountering SSL problems when using urllib3\n v1.22.\n\n- Add ca-certificates (and ca-certificates-mozilla) to dependencies, otherwise https\n connections will fail.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2020-1792,SUSE-2020-1792,SUSE-OpenStack-Cloud-7-2020-1792,SUSE-OpenStack-Cloud-8-2020-1792,SUSE-OpenStack-Cloud-Crowbar-8-2020-1792,SUSE-SLE-Module-Public-Cloud-12-2020-1792,SUSE-SLE-SAP-12-SP2-2020-1792,SUSE-SLE-SAP-12-SP3-2020-1792,SUSE-SLE-SDK-12-SP5-2020-1792,SUSE-SLE-SERVER-12-SP2-2020-1792,SUSE-SLE-SERVER-12-SP2-BCL-2020-1792,SUSE-SLE-SERVER-12-SP3-2020-1792,SUSE-SLE-SERVER-12-SP3-BCL-2020-1792,SUSE-SLE-SERVER-12-SP4-2020-1792,SUSE-SLE-SERVER-12-SP5-2020-1792,SUSE-SLE-WE-12-SP5-2020-1792,SUSE-SUSE-Manager-Proxy-3.2-2020-1792,SUSE-SUSE-Manager-Server-3.2-2020-1792,SUSE-Storage-5-2020-1792",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1792-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:1792-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20201792-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:1792-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-June/007049.html"
},
{
"category": "self",
"summary": "SUSE Bug 1054413",
"url": "https://bugzilla.suse.com/1054413"
},
{
"category": "self",
"summary": "SUSE Bug 1073879",
"url": "https://bugzilla.suse.com/1073879"
},
{
"category": "self",
"summary": "SUSE Bug 1111622",
"url": "https://bugzilla.suse.com/1111622"
},
{
"category": "self",
"summary": "SUSE Bug 1122668",
"url": "https://bugzilla.suse.com/1122668"
},
{
"category": "self",
"summary": "SUSE Bug 761500",
"url": "https://bugzilla.suse.com/761500"
},
{
"category": "self",
"summary": "SUSE Bug 922448",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "self",
"summary": "SUSE Bug 929736",
"url": "https://bugzilla.suse.com/929736"
},
{
"category": "self",
"summary": "SUSE Bug 935252",
"url": "https://bugzilla.suse.com/935252"
},
{
"category": "self",
"summary": "SUSE Bug 945455",
"url": "https://bugzilla.suse.com/945455"
},
{
"category": "self",
"summary": "SUSE Bug 947357",
"url": "https://bugzilla.suse.com/947357"
},
{
"category": "self",
"summary": "SUSE Bug 961596",
"url": "https://bugzilla.suse.com/961596"
},
{
"category": "self",
"summary": "SUSE Bug 967128",
"url": "https://bugzilla.suse.com/967128"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-2296 page",
"url": "https://www.suse.com/security/cve/CVE-2015-2296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-18074 page",
"url": "https://www.suse.com/security/cve/CVE-2018-18074/"
}
],
"title": "Security update for python3-requests",
"tracking": {
"current_release_date": "2020-06-26T12:07:54Z",
"generator": {
"date": "2020-06-26T12:07:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:1792-1",
"initial_release_date": "2020-06-26T12:07:54Z",
"revision_history": [
{
"date": "2020-06-26T12:07:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "python3-certifi-2018.4.16-3.6.1.noarch",
"product": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch",
"product_id": "python3-certifi-2018.4.16-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-chardet-3.0.4-5.6.1.noarch",
"product": {
"name": "python3-chardet-3.0.4-5.6.1.noarch",
"product_id": "python3-chardet-3.0.4-5.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-requests-2.20.1-5.2.noarch",
"product": {
"name": "python3-requests-2.20.1-5.2.noarch",
"product_id": "python3-requests-2.20.1-5.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-urllib3-1.22-3.20.1.noarch",
"product": {
"name": "python3-urllib3-1.22-3.20.1.noarch",
"product_id": "python3-urllib3-1.22-3.20.1.noarch"
}
},
{
"category": "product_version",
"name": "python-certifi-2018.4.16-3.6.1.noarch",
"product": {
"name": "python-certifi-2018.4.16-3.6.1.noarch",
"product_id": "python-certifi-2018.4.16-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python-chardet-3.0.4-5.6.1.noarch",
"product": {
"name": "python-chardet-3.0.4-5.6.1.noarch",
"product_id": "python-chardet-3.0.4-5.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python-urllib3-1.22-3.20.1.noarch",
"product": {
"name": "python-urllib3-1.22-3.20.1.noarch",
"product_id": "python-urllib3-1.22-3.20.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 3.2",
"product": {
"name": "SUSE Manager Proxy 3.2",
"product_id": "SUSE Manager Proxy 3.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:3.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 3.2",
"product": {
"name": "SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:3.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 5",
"product": {
"name": "SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP4",
"product_id": "SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Linux Enterprise Workstation Extension 12 SP5",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Manager Proxy 3.2",
"product_id": "SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Manager Proxy 3.2",
"product_id": "SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Manager Proxy 3.2",
"product_id": "SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Manager Proxy 3.2",
"product_id": "SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-certifi-2018.4.16-3.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-chardet-3.0.4-5.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.22-3.20.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-1.22-3.20.1.noarch as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-certifi-2018.4.16-3.6.1.noarch as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch"
},
"product_reference": "python3-certifi-2018.4.16-3.6.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-chardet-3.0.4-5.6.1.noarch as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch"
},
"product_reference": "python3-chardet-3.0.4-5.6.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-2.20.1-5.2.noarch as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch"
},
"product_reference": "python3-requests-2.20.1-5.2.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urllib3-1.22-3.20.1.noarch as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch"
},
"product_reference": "python3-urllib3-1.22-3.20.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-2296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-2296"
}
],
"notes": [
{
"category": "general",
"text": "The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch",
"HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch",
"HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch",
"HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch",
"SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-2296",
"url": "https://www.suse.com/security/cve/CVE-2015-2296"
},
{
"category": "external",
"summary": "SUSE Bug 922448 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/922448"
},
{
"category": "external",
"summary": "SUSE Bug 926396 for CVE-2015-2296",
"url": "https://bugzilla.suse.com/926396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch",
"HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch",
"HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch",
"HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch",
"SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-26T12:07:54Z",
"details": "low"
}
],
"title": "CVE-2015-2296"
},
{
"cve": "CVE-2018-18074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-18074"
}
],
"notes": [
{
"category": "general",
"text": "The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch",
"HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch",
"HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch",
"HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch",
"SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-18074",
"url": "https://www.suse.com/security/cve/CVE-2018-18074"
},
{
"category": "external",
"summary": "SUSE Bug 1111622 for CVE-2018-18074",
"url": "https://bugzilla.suse.com/1111622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch",
"HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch",
"HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch",
"HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch",
"SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"HPE Helion OpenStack 8:python3-certifi-2018.4.16-3.6.1.noarch",
"HPE Helion OpenStack 8:python3-chardet-3.0.4-5.6.1.noarch",
"HPE Helion OpenStack 8:python3-requests-2.20.1-5.2.noarch",
"HPE Helion OpenStack 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Enterprise Storage 5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Enterprise Storage 5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Enterprise Storage 5:python3-requests-2.20.1-5.2.noarch",
"SUSE Enterprise Storage 5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 12:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP2-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-BCL:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP3-LTSS:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-requests-2.20.1-5.2.noarch",
"SUSE Linux Enterprise Workstation Extension 12 SP5:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Proxy 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Proxy 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Proxy 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python-urllib3-1.22-3.20.1.noarch",
"SUSE Manager Server 3.2:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE Manager Server 3.2:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE Manager Server 3.2:python3-requests-2.20.1-5.2.noarch",
"SUSE Manager Server 3.2:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 7:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 7:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 7:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud 8:python3-urllib3-1.22-3.20.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-certifi-2018.4.16-3.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-chardet-3.0.4-5.6.1.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-requests-2.20.1-5.2.noarch",
"SUSE OpenStack Cloud Crowbar 8:python3-urllib3-1.22-3.20.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-26T12:07:54Z",
"details": "moderate"
}
],
"title": "CVE-2018-18074"
}
]
}
WID-SEC-W-2026-0778
Vulnerability from csaf_certbund - Published: 2026-03-18 23:00 - Updated: 2026-05-11 22:00Summary
Dell Secure Connect Gateway Policy Manager: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Dell Secure Connect Gateway ist eine Softwarelösung, die als sicherer, zentralisierter Punkt für die Verwaltung des Fernzugriffs und des Supports für Hardware und Software von Dell Technologies dient.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway Policy Manager ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- Windows
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Dell Secure Connect Gateway Policy Manager <5.34.00.14
Dell / Secure Connect Gateway
|
Policy Manager <5.34.00.14 | ||
|
Dell Secure Connect Gateway <5.34.00.16
Dell / Secure Connect Gateway
|
<5.34.00.16 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell Secure Connect Gateway ist eine Softwarel\u00f6sung, die als sicherer, zentralisierter Punkt f\u00fcr die Verwaltung des Fernzugriffs und des Supports f\u00fcr Hardware und Software von Dell Technologies dient.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway Policy Manager ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0778 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0778.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0778 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0778"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-120 vom 2026-03-18",
"url": "https://www.dell.com/support/kbdoc/de-de/000441138/dsa-2026-120-security-update-for-dell-secure-connect-gateway-policy-manager-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2026-152 vom 2026-03-23",
"url": "https://www.dell.com/support/kbdoc/de-de/000443243/dsa-2026-152-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory",
"url": "https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1"
}
],
"source_lang": "en-US",
"title": "Dell Secure Connect Gateway Policy Manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-11T22:00:00.000+00:00",
"generator": {
"date": "2026-05-12T08:12:31.865+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0778",
"initial_release_date": "2026-03-18T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.8.1.0-3.8.1.7",
"product": {
"name": "Dell ECS 3.8.1.0-3.8.1.7",
"product_id": "T053778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7"
}
}
}
],
"category": "product_name",
"name": "ECS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Policy Manager \u003c5.34.00.14",
"product": {
"name": "Dell Secure Connect Gateway Policy Manager \u003c5.34.00.14",
"product_id": "T051894"
}
},
{
"category": "product_version",
"name": "Policy Manager 5.34.00.14",
"product": {
"name": "Dell Secure Connect Gateway Policy Manager 5.34.00.14",
"product_id": "T051894-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:policy_manager__5.34.00.14"
}
}
},
{
"category": "product_version_range",
"name": "\u003c5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway \u003c5.34.00.16",
"product_id": "T052048"
}
},
{
"category": "product_version",
"name": "5.34.00.16",
"product": {
"name": "Dell Secure Connect Gateway 5.34.00.16",
"product_id": "T052048-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:5.34.00.16"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-8991",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2014-8991"
},
{
"cve": "CVE-2015-2296",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2015-2296"
},
{
"cve": "CVE-2019-6778",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2019-6778"
},
{
"cve": "CVE-2020-10756",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-10756"
},
{
"cve": "CVE-2020-13645",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-13645"
},
{
"cve": "CVE-2020-1983",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-1983"
},
{
"cve": "CVE-2020-24455",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-24455"
},
{
"cve": "CVE-2020-25219",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-25219"
},
{
"cve": "CVE-2020-26154",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-26154"
},
{
"cve": "CVE-2020-29130",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2020-29130"
},
{
"cve": "CVE-2021-3592",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2021-3592"
},
{
"cve": "CVE-2021-3593",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2021-3593"
},
{
"cve": "CVE-2021-3594",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2021-3594"
},
{
"cve": "CVE-2021-3595",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2021-3595"
},
{
"cve": "CVE-2022-40897",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2022-40897"
},
{
"cve": "CVE-2023-22745",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2023-22745"
},
{
"cve": "CVE-2023-5752",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2023-5752"
},
{
"cve": "CVE-2024-25621",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2024-29040",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2024-29040"
},
{
"cve": "CVE-2024-6345",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2025-10911",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-10911"
},
{
"cve": "CVE-2025-11226",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-11226"
},
{
"cve": "CVE-2025-11468",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-11468"
},
{
"cve": "CVE-2025-11563",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-11563"
},
{
"cve": "CVE-2025-11731",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-11731"
},
{
"cve": "CVE-2025-12084",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-12084"
},
{
"cve": "CVE-2025-12781",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-12781"
},
{
"cve": "CVE-2025-1352",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-1352"
},
{
"cve": "CVE-2025-13601",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-13601"
},
{
"cve": "CVE-2025-1372",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-1372"
},
{
"cve": "CVE-2025-1376",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-1376"
},
{
"cve": "CVE-2025-1377",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-1377"
},
{
"cve": "CVE-2025-13836",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-13836"
},
{
"cve": "CVE-2025-13837",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-13837"
},
{
"cve": "CVE-2025-14087",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-14087"
},
{
"cve": "CVE-2025-14512",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-14512"
},
{
"cve": "CVE-2025-15281",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-15281"
},
{
"cve": "CVE-2025-15282",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-15282"
},
{
"cve": "CVE-2025-15366",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-15366"
},
{
"cve": "CVE-2025-15367",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-15367"
},
{
"cve": "CVE-2025-15467",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-15467"
},
{
"cve": "CVE-2025-24294",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-24294"
},
{
"cve": "CVE-2025-28162",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-28162"
},
{
"cve": "CVE-2025-28164",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-28164"
},
{
"cve": "CVE-2025-31133",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-3576",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-3576"
},
{
"cve": "CVE-2025-47273",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-47273"
},
{
"cve": "CVE-2025-52565",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-52881"
},
{
"cve": "CVE-2025-53057",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-53057"
},
{
"cve": "CVE-2025-53666",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-53666"
},
{
"cve": "CVE-2025-54770",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-54770"
},
{
"cve": "CVE-2025-54771",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-54771"
},
{
"cve": "CVE-2025-54798",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-54798"
},
{
"cve": "CVE-2025-55752",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-59375",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-6075",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-6075"
},
{
"cve": "CVE-2025-61661",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61661"
},
{
"cve": "CVE-2025-61662",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61662"
},
{
"cve": "CVE-2025-61663",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61663"
},
{
"cve": "CVE-2025-61664",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61664"
},
{
"cve": "CVE-2025-61748",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61748"
},
{
"cve": "CVE-2025-61795",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61795"
},
{
"cve": "CVE-2025-61984",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61984"
},
{
"cve": "CVE-2025-61985",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-61985"
},
{
"cve": "CVE-2025-64329",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-64329"
},
{
"cve": "CVE-2025-64505",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-64505"
},
{
"cve": "CVE-2025-64506",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-64506"
},
{
"cve": "CVE-2025-64720",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-64720"
},
{
"cve": "CVE-2025-64756",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-64756"
},
{
"cve": "CVE-2025-65018",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-65018"
},
{
"cve": "CVE-2025-66035",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-66035"
},
{
"cve": "CVE-2025-66293",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-66293"
},
{
"cve": "CVE-2025-66412",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-66412"
},
{
"cve": "CVE-2025-66614",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-66614"
},
{
"cve": "CVE-2025-67721",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-67721"
},
{
"cve": "CVE-2025-68160",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-68160"
},
{
"cve": "CVE-2025-68973",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-68973"
},
{
"cve": "CVE-2025-69418",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-69418"
},
{
"cve": "CVE-2025-69419",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-69419"
},
{
"cve": "CVE-2025-69420",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-69420"
},
{
"cve": "CVE-2025-69421",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-69421"
},
{
"cve": "CVE-2025-69873",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-69873"
},
{
"cve": "CVE-2025-7039",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-7039"
},
{
"cve": "CVE-2025-8291",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-8291"
},
{
"cve": "CVE-2025-9187",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-9187"
},
{
"cve": "CVE-2025-9820",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2025-9820"
},
{
"cve": "CVE-2026-0672",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-0672"
},
{
"cve": "CVE-2026-0861",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-0861"
},
{
"cve": "CVE-2026-0865",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-0865"
},
{
"cve": "CVE-2026-0915",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-0915"
},
{
"cve": "CVE-2026-0988",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-0988"
},
{
"cve": "CVE-2026-1484",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-1484"
},
{
"cve": "CVE-2026-1485",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-1485"
},
{
"cve": "CVE-2026-1489",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-1489"
},
{
"cve": "CVE-2026-22610",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-22610"
},
{
"cve": "CVE-2026-22695",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-22695"
},
{
"cve": "CVE-2026-22795",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-22795"
},
{
"cve": "CVE-2026-22796",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-22796"
},
{
"cve": "CVE-2026-22801",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-22801"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-24882",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-24882"
},
{
"cve": "CVE-2026-25646",
"product_status": {
"known_affected": [
"T053778",
"T051894",
"T052048"
]
},
"release_date": "2026-03-18T23:00:00.000+00:00",
"title": "CVE-2026-25646"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…