Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-42740
Vulnerability from cvelistv5
Published
2021-10-21 14:46
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:38:50.098Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.npmjs.com/package/shell-quote", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-21T14:46:08", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.npmjs.com/package/shell-quote", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-42740", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.npmjs.com/package/shell-quote", refsource: "MISC", url: "https://www.npmjs.com/package/shell-quote", }, { name: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", refsource: "CONFIRM", url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { name: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", refsource: "CONFIRM", url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-42740", datePublished: "2021-10-21T14:46:08", dateReserved: "2021-10-20T00:00:00", dateUpdated: "2024-08-04T03:38:50.098Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"1.7.3\", \"matchCriteriaId\": \"15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.\"}, {\"lang\": \"es\", \"value\": \"El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyecci\\u00f3n de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex dise\\u00f1ada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z may\\u00fascula y la letra a min\\u00fascula, como el car\\u00e1cter backtick\"}]", id: "CVE-2021-42740", lastModified: "2024-11-21T06:28:04.853", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2021-10-21T15:15:07.633", references: "[{\"url\": \"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.npmjs.com/package/shell-quote\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.npmjs.com/package/shell-quote\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-77\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2021-42740\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-10-21T15:15:07.633\",\"lastModified\":\"2024-11-21T06:28:04.853\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.\"},{\"lang\":\"es\",\"value\":\"El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyección de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex diseñada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z mayúscula y la letra a minúscula, como el carácter backtick\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"1.7.3\",\"matchCriteriaId\":\"15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38\"}]}]}],\"references\":[{\"url\":\"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/shell-quote\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/shell-quote\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", }, }
suse-su-2022:3761-1
Vulnerability from csaf_suse
Published
2022-10-26 08:58
Modified
2022-10-26 08:58
Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Notes
Title of the patch
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch
This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* HTTP API is now fully supported
* Ubuntu 22.04 is now supported as a client
* Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support
* pip support has been added for the Salt Bundle
* Prometheus exporter for Apache has been upgraded to 0.10.0
* CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129
* Bugs mentioned:
bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168
bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629
bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753
bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272
bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728
bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049
bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385
bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484
bsc#1203564, bsc#1203585, bsc#1203611
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129
* Bugs mentioned:
bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788
bsc#1203287, bsc#1203288, bsc#1203585
Patchnames
SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", title: "Title of the patch", }, { category: "description", text: "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * HTTP API is now fully supported\n * Ubuntu 22.04 is now supported as a client\n * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support\n * pip support has been added for the Salt Bundle \n * Prometheus exporter for Apache has been upgraded to 0.10.0\n * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129\n * Bugs mentioned:\n bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168\n bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629\n bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753\n bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272\n bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728\n bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049\n bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385\n bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484\n bsc#1203564, bsc#1203585, bsc#1203611 \n\nRelease notes for SUSE Manager Proxy:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129\n * Bugs mentioned:\n bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788\n bsc#1203287, bsc#1203288, bsc#1203585 \n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3761-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3761-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223761-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3761-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012707.html", }, { category: "self", summary: "SUSE Bug 1191857", url: "https://bugzilla.suse.com/1191857", }, { category: "self", summary: "SUSE Bug 1195624", url: "https://bugzilla.suse.com/1195624", }, { category: "self", summary: "SUSE Bug 1196729", url: "https://bugzilla.suse.com/1196729", }, { category: "self", summary: "SUSE Bug 1197027", url: "https://bugzilla.suse.com/1197027", }, { category: "self", summary: "SUSE Bug 1198168", url: "https://bugzilla.suse.com/1198168", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199726", url: "https://bugzilla.suse.com/1199726", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200573", url: "https://bugzilla.suse.com/1200573", }, { category: "self", summary: "SUSE Bug 1200629", url: "https://bugzilla.suse.com/1200629", }, { category: "self", summary: "SUSE Bug 1201210", url: "https://bugzilla.suse.com/1201210", }, { category: "self", summary: "SUSE Bug 1201220", url: "https://bugzilla.suse.com/1201220", }, { category: "self", summary: "SUSE Bug 1201260", url: "https://bugzilla.suse.com/1201260", }, { category: "self", summary: "SUSE Bug 1201589", url: "https://bugzilla.suse.com/1201589", }, { category: "self", summary: "SUSE Bug 1201626", url: "https://bugzilla.suse.com/1201626", }, { category: "self", summary: "SUSE Bug 1201753", url: "https://bugzilla.suse.com/1201753", }, { category: "self", summary: "SUSE Bug 1201788", url: "https://bugzilla.suse.com/1201788", }, { category: "self", summary: "SUSE Bug 1201913", url: "https://bugzilla.suse.com/1201913", }, { category: "self", summary: "SUSE Bug 1201918", url: "https://bugzilla.suse.com/1201918", }, { category: "self", summary: "SUSE Bug 1202271", url: "https://bugzilla.suse.com/1202271", }, { category: "self", summary: "SUSE Bug 1202272", url: "https://bugzilla.suse.com/1202272", }, { category: "self", summary: "SUSE Bug 1202367", url: "https://bugzilla.suse.com/1202367", }, { category: "self", summary: "SUSE Bug 1202455", url: "https://bugzilla.suse.com/1202455", }, { category: "self", summary: "SUSE Bug 1202464", url: "https://bugzilla.suse.com/1202464", }, { category: "self", summary: "SUSE Bug 1202602", url: "https://bugzilla.suse.com/1202602", }, { category: "self", summary: "SUSE Bug 1202728", url: "https://bugzilla.suse.com/1202728", }, { category: "self", summary: "SUSE Bug 1202729", url: "https://bugzilla.suse.com/1202729", }, { category: "self", summary: "SUSE Bug 1202805", url: "https://bugzilla.suse.com/1202805", }, { category: "self", summary: "SUSE Bug 1202899", url: "https://bugzilla.suse.com/1202899", }, { category: "self", summary: "SUSE Bug 1203026", url: "https://bugzilla.suse.com/1203026", }, { category: "self", summary: "SUSE Bug 1203049", url: "https://bugzilla.suse.com/1203049", }, { category: "self", summary: "SUSE Bug 1203056", url: "https://bugzilla.suse.com/1203056", }, { category: "self", summary: "SUSE Bug 1203169", url: "https://bugzilla.suse.com/1203169", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203385", url: "https://bugzilla.suse.com/1203385", }, { category: "self", summary: "SUSE Bug 1203406", url: "https://bugzilla.suse.com/1203406", }, { category: "self", summary: "SUSE Bug 1203422", url: "https://bugzilla.suse.com/1203422", }, { category: "self", summary: "SUSE Bug 1203449", url: "https://bugzilla.suse.com/1203449", }, { category: "self", summary: "SUSE Bug 1203478", url: "https://bugzilla.suse.com/1203478", }, { category: "self", summary: "SUSE Bug 1203484", url: "https://bugzilla.suse.com/1203484", }, { category: "self", summary: "SUSE Bug 1203564", url: "https://bugzilla.suse.com/1203564", }, { category: "self", summary: "SUSE Bug 1203585", url: "https://bugzilla.suse.com/1203585", }, { category: "self", summary: "SUSE Bug 1203611", url: "https://bugzilla.suse.com/1203611", }, { category: "self", summary: "SUSE CVE CVE-2021-41411 page", url: "https://www.suse.com/security/cve/CVE-2021-41411/", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, ], title: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", tracking: { current_release_date: "2022-10-26T08:58:54Z", generator: { date: "2022-10-26T08:58:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3761-1", initial_release_date: "2022-10-26T08:58:54Z", revision_history: [ { date: "2022-10-26T08:58:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy 4.3", product: { name: "SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Retail Branch Server 4.3", product: { name: "SUSE Manager Retail Branch Server 4.3", product_id: "SUSE Manager Retail Branch Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-retail-branch-server:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.3", product: { name: "SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Retail Branch Server 4.3", product_id: "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.3", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41411", }, ], notes: [ { category: "general", text: "drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-41411", url: "https://www.suse.com/security/cve/CVE-2021-41411", }, { category: "external", summary: "SUSE Bug 1200629 for CVE-2021-41411", url: "https://bugzilla.suse.com/1200629", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2022-0860", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2022-31129", }, ], }
suse-su-2022:3314-1
Vulnerability from csaf_suse
Published
2022-09-19 15:38
Modified
2022-09-19 15:38
Summary
Security update for SUSE Manager Server 4.2
Notes
Title of the patch
Security update for SUSE Manager Server 4.2
Description of the patch
This update fixes the following issues:
drools:
- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java. (bsc#1200629)
httpcomponents-asyncclient:
- Provide maven metadata needed by other packages to build
image-sync-formula:
- Update to version 0.1.1661440526.b08d95b
* Add option to sort boot images by version (bsc#1196729)
inter-server-sync:
- Version 0.2.3
* Compress exported sql data #16631
* Add gzip dependency to decompress data file during import process
patterns-suse-manager:
- Strictly require OpenJDK 11 (bsc#1202142)
py27-compat-salt:
- Add support for gpgautoimport in zypperpkg module
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Add support for name, pkgs and diff_attr parameters to upgrade
function for zypper and yum (bsc#1198489)
- Unify logic on using multiple requisites and add onfail_all (bsc#1198738)
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
salt-netapi-client:
- Declare the LICENSE file as license and not doc
- Adapted for Enterprise Linux 9.
- Version 0.20.0
* See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.20.0
saltboot-formula:
- Update to version 0.1.1661440526.b08d95b
* Fallback to local boot if the configured image is not synced
* improve image url modifications - preparation for ftp/http changes
spacecmd:
- Version 4.2.19-1
* Process date values in spacecmd api calls (bsc#1198903)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
spacewalk-admin:
- Version 4.2.12-1
* Add --help option to mgr-monitoring-ctl
spacewalk-backend:
- Version 4.2.24-1
* Make reposync use the configured http proxy with mirrorlist (bsc#1198168)
* Revert proxy listChannels token caching pr#4548
* cleanup leftovers from removing unused xmlrpc endpoint
spacewalk-certs-tools:
- Version 4.2.18-1
* traditional stack bootstrap: install product packages (bsc#1201142)
spacewalk-client-tools:
- Version 4.2.20-1
* Update translation strings
spacewalk-java:
- Version 4.2.41-1
* Fixed date format on scheduler related messages (bsc#1195455)
* Support inherited values for kernel options from Cobbler API (bsc#1199913)
* Add channel availability check for product migration (bsc#1200296)
* Check if system has all formulas correctly assigned (bsc#1201607)
* Remove group formula assignments and data on group delete (bsc#1201606)
* Fix sync for external repositories (bsc#1201753)
* fix state.apply result parsing in test mode (bsc#1201913)
* Reduce the length of image channel URL (bsc#1201220)
* Calculate dependencies between cloned channels of vendor channels (bsc#1201626)
* fix symlinks pointing to ongres-stringprep
* Modify parameter type when communicating with the search server (bsc#1187028)
* Fix initial profile and build host on Image Build page (bsc#1199659)
* Fix the confirm message on the refresh action by adding a link
to pending actions on it (bsc#1172705)
* require new salt-netapi-client version
* Clean grub2 reinstall entry in autoyast snippet (bsc#1199950)
spacewalk-search:
- Version 4.2.8-1
* Add methods to handle session id as String
spacewalk-web:
- Version 4.2.29-1
* CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)
* CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287)
* CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)
* Fix table header layout for unselectable tables
* Fix initial profile and build host on Image Build page (bsc#1199659)
subscription-matcher:
- Added Guava maximum version requirement.
susemanager:
- Version 4.2.37-1
* mark new dependencies for python-py optional in bootstrap repo to fix generation for older service packs
(bsc#1203449)
- Version 4.2.36-1
* add missing packages on SLES 15
* remove server-migrator.sh from SUSE Manager installations (bsc#1202728)
* mgr-create-bootstrap-repo: flush directory also when called for a specific label (bsc#1200573)
* add missing packages on SLES 12 SP5 bootstrap repo (bsc#1201918)
* remove python-tornado from bootstrap repo, since no longer required for salt version >= 3000
* add openSUSE 15.4 product (bsc#1201527)
* add clients tool product to generate bootstrap repo on openSUSE 15.x (bsc#1201189)
susemanager-doc-indexes:
- Documented mandatory channels in the Disconnected Setup chapter of the
Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
regular user
- Documented how to onboard Debian clients with the Salt bundle or plain Salt
as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)
- Reverted single snippet change for two separate books
- Added extend Salt Bundle functionality with Python packages using pip
- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH
- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin
- Salt Configuration Modules are no longer Technology Preview in Salt Guide.
- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)
- Added ports 1232 and 1233 in the Ports section of the Installation and
Upgrade Guide; required for Salt SSH Push (bsc#1200532)
- In the Custom Channel section of the Administration Guide add a note
about synchronizing repositories regularly.
- Removed SUSE Linux Enterprise 11 from the list of supported client systems
susemanager-docs_en:
- Documented mandatory channels in the Disconnected Setup chapter of the
Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
regular user
- Documented how to onboard Debian clients with the Salt bundle or plain Salt
as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)
- Reverted single snippet change for two separate books
- Added extend Salt Bundle functionality with Python packages using pip
- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH
- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin
- Salt Configuration Modules are no longer Technology Preview in Salt Guide.
- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)
- Added ports 1232 and 1233 in the Ports section of the Installation and
Upgrade Guide; required for Salt SSH Push (bsc#1200532)
- In the Custom Channel section of the Administration Guide add a note
about synchronizing repositories regularly.
- Removed SUSE Linux Enterprise 11 from the list of supported client systems
susemanager-schema:
- Version 4.2.24-1
* Fix migration of image actions (bsc#1202272)
susemanager-sls:
- Version 4.2.27-1
* Copy grains file with util.mgr_switch_to_venv_minion state apply
* Remove the message 'rpm: command not found' on using Salt SSH
with Debian based systems which has no Salt Bundle
* Prevent possible tracebacks on calling module.run from mgrcompat
by setting proper globals with using LazyLoader
* Fix deploy of SLE Micro CA Certificate (bsc#1200276)
uyuni-common-libs:
- Version 4.2.7-1
* Do not allow creating path if nonexistent user or group in fileutils.
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2022-3314,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3314,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3314
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.2", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\ndrools:\n\n- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java. (bsc#1200629)\n\nhttpcomponents-asyncclient:\n\n- Provide maven metadata needed by other packages to build\n\nimage-sync-formula:\n\n- Update to version 0.1.1661440526.b08d95b\n * Add option to sort boot images by version (bsc#1196729)\n\ninter-server-sync:\n\n- Version 0.2.3\n * Compress exported sql data #16631\n * Add gzip dependency to decompress data file during import process\n\npatterns-suse-manager:\n\n- Strictly require OpenJDK 11 (bsc#1202142) \n\npy27-compat-salt:\n\n- Add support for gpgautoimport in zypperpkg module\n- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)\n- Add support for name, pkgs and diff_attr parameters to upgrade\n function for zypper and yum (bsc#1198489)\n- Unify logic on using multiple requisites and add onfail_all (bsc#1198738)\n- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)\n\nsalt-netapi-client:\n\n- Declare the LICENSE file as license and not doc\n- Adapted for Enterprise Linux 9.\n- Version 0.20.0\n * See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.20.0\n\nsaltboot-formula:\n\n- Update to version 0.1.1661440526.b08d95b\n * Fallback to local boot if the configured image is not synced\n * improve image url modifications - preparation for ftp/http changes\n\nspacecmd:\n\n- Version 4.2.19-1\n * Process date values in spacecmd api calls (bsc#1198903)\n * Show correct help on calling kickstart_importjson with no arguments\n * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)\n\nspacewalk-admin:\n\n- Version 4.2.12-1\n * Add --help option to mgr-monitoring-ctl\n\nspacewalk-backend:\n\n- Version 4.2.24-1\n * Make reposync use the configured http proxy with mirrorlist (bsc#1198168)\n * Revert proxy listChannels token caching pr#4548\n * cleanup leftovers from removing unused xmlrpc endpoint\n\nspacewalk-certs-tools:\n\n- Version 4.2.18-1\n * traditional stack bootstrap: install product packages (bsc#1201142)\n\nspacewalk-client-tools:\n\n- Version 4.2.20-1\n * Update translation strings\n\nspacewalk-java:\n\n- Version 4.2.41-1\n * Fixed date format on scheduler related messages (bsc#1195455)\n * Support inherited values for kernel options from Cobbler API (bsc#1199913)\n * Add channel availability check for product migration (bsc#1200296)\n * Check if system has all formulas correctly assigned (bsc#1201607)\n * Remove group formula assignments and data on group delete (bsc#1201606)\n * Fix sync for external repositories (bsc#1201753)\n * fix state.apply result parsing in test mode (bsc#1201913)\n * Reduce the length of image channel URL (bsc#1201220)\n * Calculate dependencies between cloned channels of vendor channels (bsc#1201626)\n * fix symlinks pointing to ongres-stringprep\n * Modify parameter type when communicating with the search server (bsc#1187028)\n * Fix initial profile and build host on Image Build page (bsc#1199659)\n * Fix the confirm message on the refresh action by adding a link\n to pending actions on it (bsc#1172705)\n * require new salt-netapi-client version\n * Clean grub2 reinstall entry in autoyast snippet (bsc#1199950)\n\nspacewalk-search:\n\n- Version 4.2.8-1\n * Add methods to handle session id as String\n\nspacewalk-web:\n\n- Version 4.2.29-1\n * CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)\n * CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287) \n * CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)\n * Fix table header layout for unselectable tables\n * Fix initial profile and build host on Image Build page (bsc#1199659)\n\nsubscription-matcher:\n\n- Added Guava maximum version requirement.\n\nsusemanager:\n \n- Version 4.2.37-1\n * mark new dependencies for python-py optional in bootstrap repo to fix generation for older service packs \n (bsc#1203449)\n- Version 4.2.36-1\n * add missing packages on SLES 15\n * remove server-migrator.sh from SUSE Manager installations (bsc#1202728)\n * mgr-create-bootstrap-repo: flush directory also when called for a specific label (bsc#1200573)\n * add missing packages on SLES 12 SP5 bootstrap repo (bsc#1201918)\n * remove python-tornado from bootstrap repo, since no longer required for salt version >= 3000\n * add openSUSE 15.4 product (bsc#1201527)\n * add clients tool product to generate bootstrap repo on openSUSE 15.x (bsc#1201189)\n\nsusemanager-doc-indexes:\n\n- Documented mandatory channels in the Disconnected Setup chapter of the\n Administration Guide (bsc#1202464)\n- Documented how to onboard Ubuntu clients with the Salt bundle as a\n regular user\n- Documented how to onboard Debian clients with the Salt bundle or plain Salt\n as a regular user\n- Fixed the names of updates channels for Leap\n- Fixed errors in OpenSCAP chapter of Administration Guide\n- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin\n- Removed CentOS 8 from the list of supported client systems\n- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)\n- Reverted single snippet change for two separate books\n- Added extend Salt Bundle functionality with Python packages using pip\n- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH\n- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin\n- Salt Configuration Modules are no longer Technology Preview in Salt Guide.\n- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)\n- Added ports 1232 and 1233 in the Ports section of the Installation and\n Upgrade Guide; required for Salt SSH Push (bsc#1200532)\n- In the Custom Channel section of the Administration Guide add a note\n about synchronizing repositories regularly.\n- Removed SUSE Linux Enterprise 11 from the list of supported client systems\n\nsusemanager-docs_en:\n\n- Documented mandatory channels in the Disconnected Setup chapter of the\n Administration Guide (bsc#1202464)\n- Documented how to onboard Ubuntu clients with the Salt bundle as a\n regular user\n- Documented how to onboard Debian clients with the Salt bundle or plain Salt\n as a regular user\n- Fixed the names of updates channels for Leap\n- Fixed errors in OpenSCAP chapter of Administration Guide\n- Added exact command to create the bootstrap repo for Salt bundle and about how to disable salt-thin\n- Removed CentOS 8 from the list of supported client systems\n- Extend the notes about using noexec option for /tmp and /var/tmp (bsc#1201210)\n- Reverted single snippet change for two separate books\n- Added extend Salt Bundle functionality with Python packages using pip\n- Add missing part of the description to enable optional support of the Salt Bundle with Salt SSH\n- Added exact command to create the bootstrap repo for salt bundle and about how to disable salt-thin\n- Salt Configuration Modules are no longer Technology Preview in Salt Guide.\n- Fixed Ubuntu 18 Client registration in Client Configuration Guide (bsc#1201224)\n- Added ports 1232 and 1233 in the Ports section of the Installation and\n Upgrade Guide; required for Salt SSH Push (bsc#1200532)\n- In the Custom Channel section of the Administration Guide add a note\n about synchronizing repositories regularly.\n- Removed SUSE Linux Enterprise 11 from the list of supported client systems\n\nsusemanager-schema:\n\n- Version 4.2.24-1\n * Fix migration of image actions (bsc#1202272)\n\nsusemanager-sls:\n\n- Version 4.2.27-1\n * Copy grains file with util.mgr_switch_to_venv_minion state apply\n * Remove the message 'rpm: command not found' on using Salt SSH\n with Debian based systems which has no Salt Bundle\n * Prevent possible tracebacks on calling module.run from mgrcompat\n by setting proper globals with using LazyLoader\n * Fix deploy of SLE Micro CA Certificate (bsc#1200276)\n\nuyuni-common-libs:\n\n- Version 4.2.7-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3314,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3314,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3314", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3314-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3314-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223314-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3314-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012286.html", }, { category: "self", summary: "SUSE Bug 1172705", url: "https://bugzilla.suse.com/1172705", }, { category: "self", summary: "SUSE Bug 1187028", url: "https://bugzilla.suse.com/1187028", }, { category: "self", summary: "SUSE Bug 1195455", url: "https://bugzilla.suse.com/1195455", }, { category: "self", summary: "SUSE Bug 1195895", url: "https://bugzilla.suse.com/1195895", }, { category: "self", summary: "SUSE Bug 1196729", url: "https://bugzilla.suse.com/1196729", }, { category: "self", summary: "SUSE Bug 1198168", url: "https://bugzilla.suse.com/1198168", }, { category: "self", summary: "SUSE Bug 1198489", url: "https://bugzilla.suse.com/1198489", }, { category: "self", summary: "SUSE Bug 1198738", url: "https://bugzilla.suse.com/1198738", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199372", url: "https://bugzilla.suse.com/1199372", }, { category: "self", summary: "SUSE Bug 1199659", url: "https://bugzilla.suse.com/1199659", }, { category: "self", summary: "SUSE Bug 1199913", url: "https://bugzilla.suse.com/1199913", }, { category: "self", summary: "SUSE Bug 1199950", url: "https://bugzilla.suse.com/1199950", }, { category: "self", summary: "SUSE Bug 1200276", url: "https://bugzilla.suse.com/1200276", }, { category: "self", summary: "SUSE Bug 1200296", url: "https://bugzilla.suse.com/1200296", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200532", url: "https://bugzilla.suse.com/1200532", }, { category: "self", summary: "SUSE Bug 1200573", url: "https://bugzilla.suse.com/1200573", }, { category: "self", summary: "SUSE Bug 1200591", url: "https://bugzilla.suse.com/1200591", }, { category: "self", summary: "SUSE Bug 1200629", url: "https://bugzilla.suse.com/1200629", }, { category: "self", summary: "SUSE Bug 1201142", url: "https://bugzilla.suse.com/1201142", }, { category: "self", summary: "SUSE Bug 1201189", url: "https://bugzilla.suse.com/1201189", }, { category: "self", summary: "SUSE Bug 1201210", url: "https://bugzilla.suse.com/1201210", }, { category: "self", summary: "SUSE Bug 1201220", url: "https://bugzilla.suse.com/1201220", }, { category: "self", summary: "SUSE Bug 1201224", url: "https://bugzilla.suse.com/1201224", }, { category: "self", summary: "SUSE Bug 1201527", url: "https://bugzilla.suse.com/1201527", }, { category: "self", summary: "SUSE Bug 1201606", url: "https://bugzilla.suse.com/1201606", }, { category: "self", summary: "SUSE Bug 1201607", url: "https://bugzilla.suse.com/1201607", }, { category: "self", summary: "SUSE Bug 1201626", url: "https://bugzilla.suse.com/1201626", }, { category: "self", summary: "SUSE Bug 1201753", url: "https://bugzilla.suse.com/1201753", }, { category: "self", summary: "SUSE Bug 1201913", url: "https://bugzilla.suse.com/1201913", }, { category: "self", summary: "SUSE Bug 1201918", url: "https://bugzilla.suse.com/1201918", }, { category: "self", summary: "SUSE Bug 1202142", url: "https://bugzilla.suse.com/1202142", }, { category: "self", summary: "SUSE Bug 1202272", url: "https://bugzilla.suse.com/1202272", }, { category: "self", summary: "SUSE Bug 1202464", url: "https://bugzilla.suse.com/1202464", }, { category: "self", summary: "SUSE Bug 1202728", url: "https://bugzilla.suse.com/1202728", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203449", url: "https://bugzilla.suse.com/1203449", }, { category: "self", summary: "SUSE CVE CVE-2021-41411 page", url: "https://www.suse.com/security/cve/CVE-2021-41411/", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, ], title: "Security update for SUSE Manager Server 4.2", tracking: { current_release_date: "2022-09-19T15:38:45Z", generator: { date: "2022-09-19T15:38:45Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3314-1", initial_release_date: "2022-09-19T15:38:45Z", revision_history: [ { date: "2022-09-19T15:38:45Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150300.8.22.2.aarch64", product: { name: "inter-server-sync-0.2.3-150300.8.22.2.aarch64", product_id: "inter-server-sync-0.2.3-150300.8.22.2.aarch64", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-150300.4.12.2.aarch64", product: { name: "patterns-suma_proxy-4.2-150300.4.12.2.aarch64", product_id: "patterns-suma_proxy-4.2-150300.4.12.2.aarch64", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-150300.4.12.2.aarch64", product: { name: "patterns-suma_retail-4.2-150300.4.12.2.aarch64", product_id: "patterns-suma_retail-4.2-150300.4.12.2.aarch64", }, }, { category: "product_version", name: "patterns-suma_server-4.2-150300.4.12.2.aarch64", product: { name: "patterns-suma_server-4.2-150300.4.12.2.aarch64", product_id: "patterns-suma_server-4.2-150300.4.12.2.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", product: { name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", product_id: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", product: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", product_id: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.aarch64", }, }, { category: "product_version", name: "susemanager-4.2.37-150300.3.41.1.aarch64", product: { name: "susemanager-4.2.37-150300.3.41.1.aarch64", product_id: "susemanager-4.2.37-150300.3.41.1.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.2.37-150300.3.41.1.aarch64", product: { name: "susemanager-tools-4.2.37-150300.3.41.1.aarch64", product_id: "susemanager-tools-4.2.37-150300.3.41.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "drools-7.17.0-150300.4.6.2.noarch", product: { name: "drools-7.17.0-150300.4.6.2.noarch", product_id: "drools-7.17.0-150300.4.6.2.noarch", }, }, { category: "product_version", name: "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", product: { name: "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", product_id: "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", }, }, { category: "product_version", name: "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", product: { name: "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", product_id: "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", }, }, { category: "product_version", name: "mgr-daemon-4.2.10-150300.2.9.4.noarch", product: { name: "mgr-daemon-4.2.10-150300.2.9.4.noarch", product_id: "mgr-daemon-4.2.10-150300.2.9.4.noarch", }, }, { category: "product_version", name: "py27-compat-salt-3000.3-150300.7.7.23.2.noarch", product: { name: "py27-compat-salt-3000.3-150300.7.7.23.2.noarch", product_id: "py27-compat-salt-3000.3-150300.7.7.23.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product: { name: "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product_id: "python2-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product: { name: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product_id: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", product: { name: "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", product_id: "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", product: { name: "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", product_id: "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", product: { name: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", product_id: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "salt-netapi-client-0.20.0-150300.3.9.4.noarch", product: { name: "salt-netapi-client-0.20.0-150300.3.9.4.noarch", product_id: "salt-netapi-client-0.20.0-150300.3.9.4.noarch", }, }, { category: "product_version", name: "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch", product: { name: "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch", product_id: "salt-netapi-client-javadoc-0.20.0-150300.3.9.4.noarch", }, }, { category: "product_version", name: "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", product: { name: "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", product_id: "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", }, }, { category: "product_version", name: "spacecmd-4.2.19-150300.4.27.2.noarch", product: { name: "spacecmd-4.2.19-150300.4.27.2.noarch", product_id: "spacecmd-4.2.19-150300.4.27.2.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.2.12-150300.3.15.3.noarch", product: { name: "spacewalk-admin-4.2.12-150300.3.15.3.noarch", product_id: "spacewalk-admin-4.2.12-150300.3.15.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-cdn-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", product: { name: "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", product_id: "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-base-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-base-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product: { name: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", product_id: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.2.20-150300.4.24.3.noarch", product: { name: "spacewalk-check-4.2.20-150300.4.24.3.noarch", product_id: "spacewalk-check-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", product: { name: "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", product_id: "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", product: { name: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", product_id: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-dobby-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-dobby-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-html-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-html-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch", product: { name: "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch", product_id: "spacewalk-html-debug-4.2.29-150300.3.27.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-java-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-java-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-java-apidoc-sources-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-java-config-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-java-config-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", product: { name: "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", product_id: "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", }, }, { category: "product_version", name: "spacewalk-search-4.2.8-150300.3.12.2.noarch", product: { name: "spacewalk-search-4.2.8-150300.3.12.2.noarch", product_id: "spacewalk-search-4.2.8-150300.3.12.2.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", product: { name: "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", product_id: "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", }, }, { category: "product_version", name: "subscription-matcher-0.29-150300.6.12.2.noarch", product: { name: "subscription-matcher-0.29-150300.6.12.2.noarch", product_id: "subscription-matcher-0.29-150300.6.12.2.noarch", }, }, { category: "product_version", name: "susemanager-doc-indexes-4.2-150300.12.33.4.noarch", product: { name: "susemanager-doc-indexes-4.2-150300.12.33.4.noarch", product_id: "susemanager-doc-indexes-4.2-150300.12.33.4.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.2-150300.12.33.2.noarch", product: { name: "susemanager-docs_en-4.2-150300.12.33.2.noarch", product_id: "susemanager-docs_en-4.2-150300.12.33.2.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", product: { name: "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", product_id: "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.2.24-150300.3.27.3.noarch", product: { name: "susemanager-schema-4.2.24-150300.3.27.3.noarch", product_id: "susemanager-schema-4.2.24-150300.3.27.3.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch", product: { name: "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch", product_id: "susemanager-schema-sanity-4.2.24-150300.3.27.3.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.2.27-150300.3.33.4.noarch", product: { name: "susemanager-sls-4.2.27-150300.3.33.4.noarch", product_id: "susemanager-sls-4.2.27-150300.3.33.4.noarch", }, }, { category: "product_version", name: "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", product: { name: "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", product_id: "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.2.27-150300.3.33.4.noarch", product: { name: "uyuni-config-modules-4.2.27-150300.3.33.4.noarch", product_id: "uyuni-config-modules-4.2.27-150300.3.33.4.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150300.8.22.2.ppc64le", product: { name: "inter-server-sync-0.2.3-150300.8.22.2.ppc64le", product_id: "inter-server-sync-0.2.3-150300.8.22.2.ppc64le", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le", product: { name: "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le", product_id: "patterns-suma_proxy-4.2-150300.4.12.2.ppc64le", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-150300.4.12.2.ppc64le", product: { name: "patterns-suma_retail-4.2-150300.4.12.2.ppc64le", product_id: "patterns-suma_retail-4.2-150300.4.12.2.ppc64le", }, }, { category: "product_version", name: "patterns-suma_server-4.2-150300.4.12.2.ppc64le", product: { name: "patterns-suma_server-4.2-150300.4.12.2.ppc64le", product_id: "patterns-suma_server-4.2-150300.4.12.2.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", product: { name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", product_id: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", product: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", product_id: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", }, }, { category: "product_version", name: "susemanager-4.2.37-150300.3.41.1.ppc64le", product: { name: "susemanager-4.2.37-150300.3.41.1.ppc64le", product_id: "susemanager-4.2.37-150300.3.41.1.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.2.37-150300.3.41.1.ppc64le", product: { name: "susemanager-tools-4.2.37-150300.3.41.1.ppc64le", product_id: "susemanager-tools-4.2.37-150300.3.41.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150300.8.22.2.s390x", product: { name: "inter-server-sync-0.2.3-150300.8.22.2.s390x", product_id: "inter-server-sync-0.2.3-150300.8.22.2.s390x", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-150300.4.12.2.s390x", product: { name: "patterns-suma_proxy-4.2-150300.4.12.2.s390x", product_id: "patterns-suma_proxy-4.2-150300.4.12.2.s390x", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-150300.4.12.2.s390x", product: { name: "patterns-suma_retail-4.2-150300.4.12.2.s390x", product_id: "patterns-suma_retail-4.2-150300.4.12.2.s390x", }, }, { category: "product_version", name: "patterns-suma_server-4.2-150300.4.12.2.s390x", product: { name: "patterns-suma_server-4.2-150300.4.12.2.s390x", product_id: "patterns-suma_server-4.2-150300.4.12.2.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", product: { name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", product_id: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", product: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", product_id: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", }, }, { category: "product_version", name: "susemanager-4.2.37-150300.3.41.1.s390x", product: { name: "susemanager-4.2.37-150300.3.41.1.s390x", product_id: "susemanager-4.2.37-150300.3.41.1.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.2.37-150300.3.41.1.s390x", product: { name: "susemanager-tools-4.2.37-150300.3.41.1.s390x", product_id: "susemanager-tools-4.2.37-150300.3.41.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150300.8.22.2.x86_64", product: { name: "inter-server-sync-0.2.3-150300.8.22.2.x86_64", product_id: "inter-server-sync-0.2.3-150300.8.22.2.x86_64", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-150300.4.12.2.x86_64", product: { name: "patterns-suma_proxy-4.2-150300.4.12.2.x86_64", product_id: "patterns-suma_proxy-4.2-150300.4.12.2.x86_64", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-150300.4.12.2.x86_64", product: { name: "patterns-suma_retail-4.2-150300.4.12.2.x86_64", product_id: "patterns-suma_retail-4.2-150300.4.12.2.x86_64", }, }, { category: "product_version", name: "patterns-suma_server-4.2-150300.4.12.2.x86_64", product: { name: "patterns-suma_server-4.2-150300.4.12.2.x86_64", product_id: "patterns-suma_server-4.2-150300.4.12.2.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", product: { name: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", product_id: "python2-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", product: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", product_id: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", }, }, { category: "product_version", name: "susemanager-4.2.37-150300.3.41.1.x86_64", product: { name: "susemanager-4.2.37-150300.3.41.1.x86_64", product_id: "susemanager-4.2.37-150300.3.41.1.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.2.37-150300.3.41.1.x86_64", product: { name: "susemanager-tools-4.2.37-150300.3.41.1.x86_64", product_id: "susemanager-tools-4.2.37-150300.3.41.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy Module 4.2", product: { name: "SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.2", product: { name: "SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.2.10-150300.2.9.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", }, product_reference: "mgr-daemon-4.2.10-150300.2.9.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_proxy-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", }, product_reference: "patterns-suma_proxy-4.2-150300.4.12.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", }, product_reference: "python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", }, product_reference: "python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.19-150300.4.27.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", }, product_reference: "spacecmd-4.2.19-150300.4.27.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, product_reference: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", }, product_reference: "spacewalk-check-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", }, product_reference: "spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, product_reference: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", }, product_reference: "spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", }, product_reference: "susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "drools-7.17.0-150300.4.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", }, product_reference: "drools-7.17.0-150300.4.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", }, product_reference: "httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", }, product_reference: "image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150300.8.22.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", }, product_reference: "inter-server-sync-0.2.3-150300.8.22.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150300.8.22.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", }, product_reference: "inter-server-sync-0.2.3-150300.8.22.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150300.8.22.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", }, product_reference: "inter-server-sync-0.2.3-150300.8.22.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-150300.4.12.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", }, product_reference: "patterns-suma_retail-4.2-150300.4.12.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-150300.4.12.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", }, product_reference: "patterns-suma_retail-4.2-150300.4.12.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", }, product_reference: "patterns-suma_retail-4.2-150300.4.12.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-150300.4.12.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", }, product_reference: "patterns-suma_server-4.2-150300.4.12.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-150300.4.12.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", }, product_reference: "patterns-suma_server-4.2-150300.4.12.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-150300.4.12.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", }, product_reference: "patterns-suma_server-4.2-150300.4.12.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py27-compat-salt-3000.3-150300.7.7.23.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", }, product_reference: "py27-compat-salt-3000.3-150300.7.7.23.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", }, product_reference: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", }, product_reference: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "salt-netapi-client-0.20.0-150300.3.9.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", }, product_reference: "salt-netapi-client-0.20.0-150300.3.9.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", }, product_reference: "saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.19-150300.4.27.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", }, product_reference: "spacecmd-4.2.19-150300.4.27.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.2.12-150300.3.15.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", }, product_reference: "spacewalk-admin-4.2.12-150300.3.15.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-base-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", }, product_reference: "spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", }, product_reference: "spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.2.29-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", }, product_reference: "spacewalk-html-4.2.29-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", }, product_reference: "spacewalk-java-4.2.41-150300.3.43.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", }, product_reference: "spacewalk-java-config-4.2.41-150300.3.43.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", }, product_reference: "spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", }, product_reference: "spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-search-4.2.8-150300.3.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", }, product_reference: "spacewalk-search-4.2.8-150300.3.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", }, product_reference: "spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "subscription-matcher-0.29-150300.6.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", }, product_reference: "subscription-matcher-0.29-150300.6.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.37-150300.3.41.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", }, product_reference: "susemanager-4.2.37-150300.3.41.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.37-150300.3.41.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", }, product_reference: "susemanager-4.2.37-150300.3.41.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.37-150300.3.41.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", }, product_reference: "susemanager-4.2.37-150300.3.41.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-doc-indexes-4.2-150300.12.33.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", }, product_reference: "susemanager-doc-indexes-4.2-150300.12.33.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.2-150300.12.33.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", }, product_reference: "susemanager-docs_en-4.2-150300.12.33.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", }, product_reference: "susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.2.24-150300.3.27.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", }, product_reference: "susemanager-schema-4.2.24-150300.3.27.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.2.27-150300.3.33.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", }, product_reference: "susemanager-sls-4.2.27-150300.3.33.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.37-150300.3.41.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", }, product_reference: "susemanager-tools-4.2.37-150300.3.41.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.37-150300.3.41.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", }, product_reference: "susemanager-tools-4.2.37-150300.3.41.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.37-150300.3.41.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", }, product_reference: "susemanager-tools-4.2.37-150300.3.41.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.2.27-150300.3.33.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", }, product_reference: "uyuni-config-modules-4.2.27-150300.3.33.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41411", }, ], notes: [ { category: "general", text: "drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-41411", url: "https://www.suse.com/security/cve/CVE-2021-41411", }, { category: "external", summary: "SUSE Bug 1200629 for CVE-2021-41411", url: "https://bugzilla.suse.com/1200629", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:38:45Z", details: "important", }, ], title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:38:45Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:38:45Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-daemon-4.2.10-150300.2.9.4.noarch", "SUSE Manager Proxy Module 4.2:patterns-suma_proxy-4.2-150300.4.12.2.x86_64", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.12-150300.3.21.3.noarch", "SUSE Manager Proxy Module 4.2:susemanager-tftpsync-recv-4.2.5-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.6.2.noarch", "SUSE Manager Server Module 4.2:httpcomponents-asyncclient-4.1.4-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:image-sync-formula-0.1.1661440526.b08d95b-150300.3.3.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.3-150300.8.22.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-150300.4.12.2.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.23.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.7-150300.3.9.2.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.20.0-150300.3.9.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1661440526.b08d95b-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.19-150300.4.27.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.12-150300.3.15.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.24-150300.4.29.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.18-150300.3.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.20-150300.4.24.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.29-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.8-150300.3.12.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.41-150300.3.43.5.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.29-150300.6.12.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.33.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.24-150300.3.27.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.27-150300.3.33.4.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.37-150300.3.41.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.27-150300.3.33.4.noarch", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:38:45Z", details: "important", }, ], title: "CVE-2022-31129", }, ], }
suse-su-2023:0592-1
Vulnerability from csaf_suse
Published
2023-03-02 08:32
Modified
2023-03-02 08:32
Summary
Security update for SUSE Manager Server 4.2
Notes
Title of the patch
Security update for SUSE Manager Server 4.2
Description of the patch
This update fixes the following issues:
cobbler:
- Fix improper authorization (bsc#1197027, CVE-2022-0860)
- Prevent error when starting up logrotate.service (bsc#1188191)
drools:
- Deserialization of Untrusted Data: unsafe data deserialization
in DroolsStreamUtils.java (bsc#1204879, CVE-2022-1415)
grafana-formula:
- Version 0.8.1
* Fix Uyuni/SUMA dashboard names
- Version 0.8.0
* Set dashboard names depending on project
* Update dashboards to use new JSON schema
* Fix PostgreSQL dashboard queries
* Migrate deprecated panels to their current replacements
- Version 0.7.1
* Fix default password field description (bsc#1203698)
* Do not require default admin and password fields
inter-server-sync:
- Version 0.2.7
* Do not update pillars table if it does not exists like in 4.2
- Version 0.2.6
* Export package extra tags for complete debian repo metatdata (bsc#1206375)
* Replace URLs in OS Images pillars when exporting and importing images
- Version 0.2.5
* Correct error when importing without debug log level (bsc#1204699)
mgr-osad:
- Version 4.2.9-1
* Updated logrotate configuration (bsc#1206470)
prometheus-formula:
- Version 0.7.0
* Switch from basic authentication to TLS certificate client
authentication for Blackbox exporter
* Fix scheme label in clients targets configration
* Add README.md
py27-compat-salt:
- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Enhance capture of error messages for Zypper calls in zypperpkg module
rhnlib:
- Version 4.2.7-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
saltboot-formula:
- Update to version 0.1.1676908681.e90e0b1
* Add failsafe stop file when salt-minion does not stop (bsc#1208418)
* Support salt bundle (bsc#1208499)
salt-netapi-client:
- Version 0.21.0
* See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.21.0
- Add transactional_update module
- Improve logging when creating salt exception
smdba:
- Version 1.7.11
* fix config update from wal_keep_segments to wal_keep_size for
newer postgresql versions (bsc#1204519)
spacecmd:
- Version 4.2.21-1
* Prevent string api parameters to be parsed as dates if not in
ISO-8601 format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
* Correctly understand 'ssm' keyword on scap scheduling
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
spacewalk-admin:
- Version 4.2.13-1
* Generate uyuni_roster.conf with salt-secrets-config (bsc#1200096)
spacewalk-backend:
- Version 4.2.26-1
* Fix reposync error about missing 'content-type' key when syncing certain channels
* Compute headers as list of two-tuples to be used by url grabber (bsc#1205523)
* Updated logrotate configuration (bsc#1206470)
* Add 'octet-stream' to accepted content-types for reposync mirrorlists
* Exclude invalid mirror urls for reposync (bsc#1203826)
* do not fetch mirrorlist when a file url is given
* Keep older module metadata files in database (bsc#1201893)
* Removed the activation keys report from the debug information
spacewalk-certs-tools:
- Version 4.2.19-1
* some i18n functions moved to new module which needs to be loaded
(bsc#1201142)
* Generated bootstrap scripts installs all needed Salt 3004 dependencies
for Ubuntu 18.04 (bsc#1204517)
spacewalk-client-tools:
- Version 4.2.22-1
* Update translation strings
spacewalk-java:
- Version 4.2.47-1
* Use uyuni roster salt module instead of flat roster files (bsc#1200096)
- Version 4.2.46-1
* Fix registration with proxy and tunnel SSH (bsc#1200096)
- Version 4.2.45-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* Improve logs when sls action chain file is missing
* Do not forward ssh command if proxy and tunnel are present (bsc#1200096)
* Fix not being able to delete CLM environment if there are custom child
channels that where not built by the environment (bsc#1206932)
* Include missing 'gpg' states to avoid issues on SSH minions.
* Optimize the number of salt calls on minion startup (bsc#1203532)
* Fix CVE Audit ignoring errata in parent channels if patch in successor
product exists (bsc#1206168)
* Fix CVE Audit incorrectly displaying predecessor product (bsc#1205663)
* Fix modular channel check during system update via XMLRPC (bsc#1206613)
* Trigger a package profile update when a new live-patch is installed (bsc#1206249)
* prevent ISE on activation key page when selected base channel value is null
* Only remove product catalog if PAYG ssh credentials are defined (bsc#1205943)
* Updated logrotate configuration (bsc#1206470)
* Limit changelog data in generated metadata to 20 entries
* Fix CLM to not remove necessary packages when filtering erratas (bsc#1195979)
* check for NULL in DEB package install size value
* Allowed cancelling pending actions with a failed prerequisite (bsc#1204712)
* disable cloned vendor channel auto selection by default (bsc#1204186)
* adapt permissions of temporary ssh key directory
* format results for package, errata and image build actions in
system history similar to state apply results
* Fix ClassCastException
* Run only minion actions that are in the pending status (bsc#1205012)
* Manager reboot in transactional update action chain (bsc#1201476
* Optimize performance of config channels operations for UI and API (bsc#1204029)
* Don't add the same channel twice in the System config addChannel API (bsc#1204029)
* fix xmlrpc call randomly failing with translation error (bsc#1203633)
* Optimize action chain processing on job return event (bsc#1203532)
* Re-calculate salt event queue numbers on restart
* Fix out of memory error when building a CLM project (bsc#1202217)
* Process salt events in FIFO order (bsc#1203532)
* Remove 'SSM' column text where not applicable (bsc#1203588)
* Fix rendering of ssm/MigrateSystems page (bsc#1204651)
* Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)
* Deny packages from older module metadata when building CLM projects (bsc#1201893)
* Refresh pillar data for the assigned systems when a CLM channel is built (bsc#1200169)
* delay hardware refresh action to avoid missing channels (bsc#1204208)
* During re-activation, recalculate grains if
* Remove unused gson-extras.jar during build
spacewalk-search:
- Version 4.2.9-1
* Updated logrotate configuration (bsc#1206470)
spacewalk-web:
- Version 4.2.32-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* fix frontend logging in react pages
* Add bugzilla references to past security fixes
* shell-quote fix CVE-2021-42740 (bsc#1203287)
* moment fix CVE-2022-31129 (bsc#1203288)
supportutils-plugin-susemanager:
- Version 4.2.5-1
* Added dependency for XML Simple
* update susemanager plugin to export the number of pending salt events
susemanager:
- Version 4.2.40-1
* Add mgr-salt-ssh wrapper to use with uyuni roster Salt module (bsc#1200096)
- Version 4.2.39-1
* fix bootstrap repo path for SLES for SAP 12 (bsc#1207141)
* make venv-salt-minion optional for SUSE Manager Proxy 4.2
bootstrap repository (bsc#1206933)
* show RHEL target for bootstrap repo creation only if it is
really connected to the CDN (bsc#1206861)
* add python3-extras to bootstrap repo as dependency of
python3-libxml2, optional SLES 15 does not have it and it
is only required on SP4 or greater (bsc#1204437)
susemanager-build-keys:
- Version 15.3.6
* Add rpmlintrc configuration, so 'W: backup-file-in-package' for
the keyring is ignored. We do not ship backup files, but we own them
because they are created each time gpg is called, and we want them
removed if the package is removed
- uyuni-build-keys.rpmlintrc
susemanager-doc-indexes:
- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the
Client Configuration Guide
- Update Salt Bundle guide as Salt Bundle is now the default
registration method
- Re-added statement about Cobbler support in Reference Guide and Client
Configuration Guide (bsc#1206963)
- Added information about java.salt_event_thread_pool_size in Large
Deployments Guide
- Added information about GPG key usage in the Debian section of the
- Updated default number of changelog entries in Administration Guide
- Include migration guide from Salt 3000 to Bundle for SUSE Linux
Enterprise 12 and CentOS7 in Troubleshooting Clients
- Removed mentions to ABRT in Reference Guide
- Extended note about using Salt SSH with Salt Bundle in 4.2
- Fixed Liberty Linux client tools label in Client Configuration
Guide
susemanager-docs_en:
- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the
Client Configuration Guide
- Update Salt Bundle guide as Salt Bundle is now the default
registration method
- Re-added statement about Cobbler support in Reference Guide and Client
Configuration Guide (bsc#1206963)
- Added information about java.salt_event_thread_pool_size in Large
Deployments Guide
- Added information about GPG key usage in the Debian section of the
- Updated default number of changelog entries in Administration Guide
- Include migration guide from Salt 3000 to Bundle for SUSE Linux
Enterprise 12 and CentOS7 in Troubleshooting Clients.
- Removed mentions to ABRT in Reference Guide
- Extended note about using Salt SSH with Salt Bundle in 4.2
- Fixed Liberty Linux client tools label in Client Configuration
Guide
susemanager-schema:
- Version 4.2.27-1
* Add created and modified fields to suseMinionInfo to make uyuni roster module cache validation more
accurate (bsc#1200096)
- Version 4.2.26-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* Increase cron_expr varchar length to 120 in suseRecurringAction
table (bsc#1205040)
* Keep older module metadata files in database (bsc#1201893)
* Fix setting of last modified date in channel clone procedure
susemanager-sls:
- Version 4.2.30-1
* Flush uyuni roster cache if the config has changed
* Implement uyuni roster module for Salt (bsc#1200096)
- Version 4.2.30-1
* Fix dnf plugin path calculation when using Salt Bundle (bsc#1208335)
- Version 4.2.29-1
* Improve _mgractionchains.conf logs
* Prevent possible errors from 'mgractionschains' module when there is no action chain to resume.
* Fix mgrnet custom module to be compatible with old Python 2.6 (bsc#1206979) (bsc#1206981)
* Fix custom 'mgrcompat.module_run' state module to work with Salt 3005.1
* filter out libvirt engine events (bsc#1206146)
* Optimize the number of salt calls on minion startup (bsc#1203532)
* Updated logrotate configuration (bsc#1206470)
* Make libvirt-events.conf path depend on what minion is used (bsc#1205920)
* Fix kiwi inspect regexp to allow image names with '-' (bsc#1204541)
* Avoid installing recommended packages from assigned products (bsc#1204330)
* Manager reboot in transactional update action chain (bsc#1201476)
* Use the actual sudo user home directory for salt ssh
clients on bootstrap and clean up (bsc#1202093)
* Perform refresh with packages.pkgupdate state (bsc#1203884)
uyuni-common-libs:
- Version 4.2.9-1
* Fix crash due missing 'context_manager' when running salt-secrets-config service (bsc#1200096)
- Version 4.2.8-1
* some i18n functions moved to new module which needs to be loaded
(bsc#1201142)
virtual-host-gatherer:
- Version 1.0.24-1
* Report total memory of a libvirt hypervisor
* Improve interoperability with other Python projects
woodstox:
- CVE-2022-40152: Fixed stack overflow in XML serialization. (bsc#1203521)
How to apply this update:
1. Log in as root user to the SUSE Manager Server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2023-592,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-592,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2023-592
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.2", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\ncobbler:\n\n- Fix improper authorization (bsc#1197027, CVE-2022-0860)\n- Prevent error when starting up logrotate.service (bsc#1188191)\n\ndrools:\n\n- Deserialization of Untrusted Data: unsafe data deserialization\n in DroolsStreamUtils.java (bsc#1204879, CVE-2022-1415)\n\ngrafana-formula:\n\n- Version 0.8.1\n * Fix Uyuni/SUMA dashboard names\n- Version 0.8.0\n * Set dashboard names depending on project\n * Update dashboards to use new JSON schema\n * Fix PostgreSQL dashboard queries\n * Migrate deprecated panels to their current replacements\n- Version 0.7.1\n * Fix default password field description (bsc#1203698)\n * Do not require default admin and password fields\n\ninter-server-sync:\n\n- Version 0.2.7\n * Do not update pillars table if it does not exists like in 4.2\n- Version 0.2.6\n * Export package extra tags for complete debian repo metatdata (bsc#1206375)\n * Replace URLs in OS Images pillars when exporting and importing images\n- Version 0.2.5 \n * Correct error when importing without debug log level (bsc#1204699)\n\nmgr-osad:\n\n- Version 4.2.9-1\n * Updated logrotate configuration (bsc#1206470)\n\nprometheus-formula:\n\n- Version 0.7.0\n * Switch from basic authentication to TLS certificate client\n authentication for Blackbox exporter\n * Fix scheme label in clients targets configration\n * Add README.md\n\npy27-compat-salt:\n\n- Ignore extend declarations from excluded SLS files (bsc#1203886)\n- Enhance capture of error messages for Zypper calls in zypperpkg module\n\nrhnlib:\n\n- Version 4.2.7-1\n * Don't get stuck at the end of SSL transfers (bsc#1204032)\n\nsaltboot-formula:\n\n- Update to version 0.1.1676908681.e90e0b1\n * Add failsafe stop file when salt-minion does not stop (bsc#1208418)\n * Support salt bundle (bsc#1208499)\n\nsalt-netapi-client:\n\n- Version 0.21.0\n * See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.21.0\n- Add transactional_update module\n- Improve logging when creating salt exception\n\nsmdba:\n\n- Version 1.7.11\n * fix config update from wal_keep_segments to wal_keep_size for\n newer postgresql versions (bsc#1204519)\n\nspacecmd:\n\n- Version 4.2.21-1\n * Prevent string api parameters to be parsed as dates if not in\n ISO-8601 format (bsc#1205759)\n * Add python-dateutil dependency, required to process date values in\n spacecmd api calls\n * Correctly understand 'ssm' keyword on scap scheduling\n * Fix dict_keys not supporting indexing in systems_setconfigchannelorger\n\nspacewalk-admin:\n\n- Version 4.2.13-1\n * Generate uyuni_roster.conf with salt-secrets-config (bsc#1200096)\n\nspacewalk-backend:\n\n- Version 4.2.26-1\n * Fix reposync error about missing 'content-type' key when syncing certain channels\n * Compute headers as list of two-tuples to be used by url grabber (bsc#1205523)\n * Updated logrotate configuration (bsc#1206470)\n * Add 'octet-stream' to accepted content-types for reposync mirrorlists\n * Exclude invalid mirror urls for reposync (bsc#1203826)\n * do not fetch mirrorlist when a file url is given\n * Keep older module metadata files in database (bsc#1201893)\n * Removed the activation keys report from the debug information\n\nspacewalk-certs-tools:\n\n- Version 4.2.19-1\n * some i18n functions moved to new module which needs to be loaded\n (bsc#1201142)\n * Generated bootstrap scripts installs all needed Salt 3004 dependencies\n for Ubuntu 18.04 (bsc#1204517)\n\nspacewalk-client-tools:\n\n- Version 4.2.22-1\n * Update translation strings\n\nspacewalk-java:\n\n- Version 4.2.47-1\n * Use uyuni roster salt module instead of flat roster files (bsc#1200096)\n- Version 4.2.46-1\n * Fix registration with proxy and tunnel SSH (bsc#1200096)\n- Version 4.2.45-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * Improve logs when sls action chain file is missing\n * Do not forward ssh command if proxy and tunnel are present (bsc#1200096)\n * Fix not being able to delete CLM environment if there are custom child\n channels that where not built by the environment (bsc#1206932)\n * Include missing 'gpg' states to avoid issues on SSH minions.\n * Optimize the number of salt calls on minion startup (bsc#1203532)\n * Fix CVE Audit ignoring errata in parent channels if patch in successor\n product exists (bsc#1206168)\n * Fix CVE Audit incorrectly displaying predecessor product (bsc#1205663)\n * Fix modular channel check during system update via XMLRPC (bsc#1206613)\n * Trigger a package profile update when a new live-patch is installed (bsc#1206249)\n * prevent ISE on activation key page when selected base channel value is null\n * Only remove product catalog if PAYG ssh credentials are defined (bsc#1205943)\n * Updated logrotate configuration (bsc#1206470)\n * Limit changelog data in generated metadata to 20 entries\n * Fix CLM to not remove necessary packages when filtering erratas (bsc#1195979)\n * check for NULL in DEB package install size value\n * Allowed cancelling pending actions with a failed prerequisite (bsc#1204712)\n * disable cloned vendor channel auto selection by default (bsc#1204186)\n * adapt permissions of temporary ssh key directory\n * format results for package, errata and image build actions in\n system history similar to state apply results\n * Fix ClassCastException\n * Run only minion actions that are in the pending status (bsc#1205012)\n * Manager reboot in transactional update action chain (bsc#1201476\n * Optimize performance of config channels operations for UI and API (bsc#1204029)\n * Don't add the same channel twice in the System config addChannel API (bsc#1204029)\n * fix xmlrpc call randomly failing with translation error (bsc#1203633)\n * Optimize action chain processing on job return event (bsc#1203532)\n * Re-calculate salt event queue numbers on restart\n * Fix out of memory error when building a CLM project (bsc#1202217)\n * Process salt events in FIFO order (bsc#1203532)\n * Remove 'SSM' column text where not applicable (bsc#1203588)\n * Fix rendering of ssm/MigrateSystems page (bsc#1204651)\n * Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)\n * Deny packages from older module metadata when building CLM projects (bsc#1201893)\n * Refresh pillar data for the assigned systems when a CLM channel is built (bsc#1200169)\n * delay hardware refresh action to avoid missing channels (bsc#1204208)\n * During re-activation, recalculate grains if\n * Remove unused gson-extras.jar during build\n\nspacewalk-search:\n\n- Version 4.2.9-1\n * Updated logrotate configuration (bsc#1206470)\n\nspacewalk-web:\n\n- Version 4.2.32-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * fix frontend logging in react pages\n * Add bugzilla references to past security fixes\n * shell-quote fix CVE-2021-42740 (bsc#1203287)\n * moment fix CVE-2022-31129 (bsc#1203288)\n\nsupportutils-plugin-susemanager:\n\n- Version 4.2.5-1\n * Added dependency for XML Simple\n * update susemanager plugin to export the number of pending salt events\n\nsusemanager:\n\n- Version 4.2.40-1\n * Add mgr-salt-ssh wrapper to use with uyuni roster Salt module (bsc#1200096)\n- Version 4.2.39-1\n * fix bootstrap repo path for SLES for SAP 12 (bsc#1207141)\n * make venv-salt-minion optional for SUSE Manager Proxy 4.2\n bootstrap repository (bsc#1206933)\n * show RHEL target for bootstrap repo creation only if it is\n really connected to the CDN (bsc#1206861)\n * add python3-extras to bootstrap repo as dependency of\n python3-libxml2, optional SLES 15 does not have it and it\n is only required on SP4 or greater (bsc#1204437) \n\nsusemanager-build-keys:\n\n- Version 15.3.6\n * Add rpmlintrc configuration, so 'W: backup-file-in-package' for\n the keyring is ignored. We do not ship backup files, but we own them\n because they are created each time gpg is called, and we want them\n removed if the package is removed\n - uyuni-build-keys.rpmlintrc\n\nsusemanager-doc-indexes:\n\n- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the\n Client Configuration Guide\n- Update Salt Bundle guide as Salt Bundle is now the default\n registration method\n- Re-added statement about Cobbler support in Reference Guide and Client\n Configuration Guide (bsc#1206963)\n- Added information about java.salt_event_thread_pool_size in Large\n Deployments Guide\n- Added information about GPG key usage in the Debian section of the\n- Updated default number of changelog entries in Administration Guide\n- Include migration guide from Salt 3000 to Bundle for SUSE Linux \n Enterprise 12 and CentOS7 in Troubleshooting Clients\n- Removed mentions to ABRT in Reference Guide\n- Extended note about using Salt SSH with Salt Bundle in 4.2\n- Fixed Liberty Linux client tools label in Client Configuration\n Guide\n\nsusemanager-docs_en:\n\n- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the \n Client Configuration Guide\n- Update Salt Bundle guide as Salt Bundle is now the default \n registration method\n- Re-added statement about Cobbler support in Reference Guide and Client\n Configuration Guide (bsc#1206963)\n- Added information about java.salt_event_thread_pool_size in Large\n Deployments Guide\n- Added information about GPG key usage in the Debian section of the \n- Updated default number of changelog entries in Administration Guide\n- Include migration guide from Salt 3000 to Bundle for SUSE Linux \n Enterprise 12 and CentOS7 in Troubleshooting Clients.\n- Removed mentions to ABRT in Reference Guide\n- Extended note about using Salt SSH with Salt Bundle in 4.2\n- Fixed Liberty Linux client tools label in Client Configuration \n Guide\n\nsusemanager-schema:\n\n- Version 4.2.27-1\n * Add created and modified fields to suseMinionInfo to make uyuni roster module cache validation more \n accurate (bsc#1200096)\n- Version 4.2.26-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * Increase cron_expr varchar length to 120 in suseRecurringAction\n table (bsc#1205040)\n * Keep older module metadata files in database (bsc#1201893)\n * Fix setting of last modified date in channel clone procedure\n\nsusemanager-sls:\n\n- Version 4.2.30-1\n * Flush uyuni roster cache if the config has changed\n * Implement uyuni roster module for Salt (bsc#1200096)\n- Version 4.2.30-1\n * Fix dnf plugin path calculation when using Salt Bundle (bsc#1208335)\n- Version 4.2.29-1\n * Improve _mgractionchains.conf logs\n * Prevent possible errors from 'mgractionschains' module when there is no action chain to resume.\n * Fix mgrnet custom module to be compatible with old Python 2.6 (bsc#1206979) (bsc#1206981)\n * Fix custom 'mgrcompat.module_run' state module to work with Salt 3005.1\n * filter out libvirt engine events (bsc#1206146)\n * Optimize the number of salt calls on minion startup (bsc#1203532)\n * Updated logrotate configuration (bsc#1206470)\n * Make libvirt-events.conf path depend on what minion is used (bsc#1205920)\n * Fix kiwi inspect regexp to allow image names with '-' (bsc#1204541)\n * Avoid installing recommended packages from assigned products (bsc#1204330)\n * Manager reboot in transactional update action chain (bsc#1201476)\n * Use the actual sudo user home directory for salt ssh\n clients on bootstrap and clean up (bsc#1202093)\n * Perform refresh with packages.pkgupdate state (bsc#1203884)\n\nuyuni-common-libs:\n\n- Version 4.2.9-1\n * Fix crash due missing 'context_manager' when running salt-secrets-config service (bsc#1200096)\n- Version 4.2.8-1\n * some i18n functions moved to new module which needs to be loaded\n (bsc#1201142)\n\nvirtual-host-gatherer:\n\n- Version 1.0.24-1\n * Report total memory of a libvirt hypervisor\n * Improve interoperability with other Python projects\n\nwoodstox:\n\n- CVE-2022-40152: Fixed stack overflow in XML serialization. (bsc#1203521)\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager Server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-592,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-592,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2023-592", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0592-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:0592-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20230592-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:0592-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018012.html", }, { category: "self", summary: "SUSE Bug 1188191", url: "https://bugzilla.suse.com/1188191", }, { category: "self", summary: "SUSE Bug 1195979", url: "https://bugzilla.suse.com/1195979", }, { category: "self", summary: "SUSE Bug 1197027", url: "https://bugzilla.suse.com/1197027", }, { category: "self", summary: "SUSE Bug 1200096", url: "https://bugzilla.suse.com/1200096", }, { category: "self", summary: "SUSE Bug 1200169", url: "https://bugzilla.suse.com/1200169", }, { category: "self", summary: "SUSE Bug 1201142", url: "https://bugzilla.suse.com/1201142", }, { category: "self", summary: "SUSE Bug 1201476", url: "https://bugzilla.suse.com/1201476", }, { category: "self", summary: "SUSE Bug 1201893", url: "https://bugzilla.suse.com/1201893", }, { category: "self", summary: "SUSE Bug 1202093", url: "https://bugzilla.suse.com/1202093", }, { category: "self", summary: "SUSE Bug 1202217", url: "https://bugzilla.suse.com/1202217", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203521", url: "https://bugzilla.suse.com/1203521", }, { category: "self", summary: "SUSE Bug 1203532", url: "https://bugzilla.suse.com/1203532", }, { category: "self", summary: "SUSE Bug 1203588", url: "https://bugzilla.suse.com/1203588", }, { category: "self", summary: "SUSE Bug 1203633", url: "https://bugzilla.suse.com/1203633", }, { category: "self", summary: "SUSE Bug 1203698", url: "https://bugzilla.suse.com/1203698", }, { category: "self", summary: "SUSE Bug 1203826", url: "https://bugzilla.suse.com/1203826", }, { category: "self", summary: "SUSE Bug 1203884", url: "https://bugzilla.suse.com/1203884", }, { category: "self", summary: "SUSE Bug 1203886", url: "https://bugzilla.suse.com/1203886", }, { category: "self", summary: "SUSE Bug 1204029", url: "https://bugzilla.suse.com/1204029", }, { category: "self", summary: "SUSE Bug 1204032", url: "https://bugzilla.suse.com/1204032", }, { category: "self", summary: "SUSE Bug 1204186", url: "https://bugzilla.suse.com/1204186", }, { category: "self", summary: "SUSE Bug 1204208", url: "https://bugzilla.suse.com/1204208", }, { category: "self", summary: "SUSE Bug 1204330", url: "https://bugzilla.suse.com/1204330", }, { category: "self", summary: "SUSE Bug 1204437", url: "https://bugzilla.suse.com/1204437", }, { category: "self", summary: "SUSE Bug 1204517", url: "https://bugzilla.suse.com/1204517", }, { category: "self", summary: "SUSE Bug 1204519", url: "https://bugzilla.suse.com/1204519", }, { category: "self", summary: "SUSE Bug 1204541", url: "https://bugzilla.suse.com/1204541", }, { category: "self", summary: "SUSE Bug 1204651", url: "https://bugzilla.suse.com/1204651", }, { category: "self", summary: "SUSE Bug 1204699", url: "https://bugzilla.suse.com/1204699", }, { category: "self", summary: "SUSE Bug 1204712", url: "https://bugzilla.suse.com/1204712", }, { category: "self", summary: "SUSE Bug 1204879", url: "https://bugzilla.suse.com/1204879", }, { category: "self", summary: "SUSE Bug 1205012", url: "https://bugzilla.suse.com/1205012", }, { category: "self", summary: "SUSE Bug 1205040", url: "https://bugzilla.suse.com/1205040", }, { category: "self", summary: "SUSE Bug 1205523", url: "https://bugzilla.suse.com/1205523", }, { category: "self", summary: "SUSE Bug 1205663", url: "https://bugzilla.suse.com/1205663", }, { category: "self", summary: "SUSE Bug 1205759", url: "https://bugzilla.suse.com/1205759", }, { category: "self", summary: "SUSE Bug 1205920", url: "https://bugzilla.suse.com/1205920", }, { category: "self", summary: "SUSE Bug 1205943", url: "https://bugzilla.suse.com/1205943", }, { category: "self", summary: "SUSE Bug 1206146", url: "https://bugzilla.suse.com/1206146", }, { category: "self", summary: "SUSE Bug 1206168", url: "https://bugzilla.suse.com/1206168", }, { category: "self", summary: "SUSE Bug 1206249", url: "https://bugzilla.suse.com/1206249", }, { category: "self", summary: "SUSE Bug 1206375", url: "https://bugzilla.suse.com/1206375", }, { category: "self", summary: "SUSE Bug 1206470", url: "https://bugzilla.suse.com/1206470", }, { category: "self", summary: "SUSE Bug 1206613", url: "https://bugzilla.suse.com/1206613", }, { category: "self", summary: "SUSE Bug 1206817", url: "https://bugzilla.suse.com/1206817", }, { category: "self", summary: "SUSE Bug 1206861", url: "https://bugzilla.suse.com/1206861", }, { category: "self", summary: "SUSE Bug 1206932", url: "https://bugzilla.suse.com/1206932", }, { category: "self", summary: "SUSE Bug 1206933", url: "https://bugzilla.suse.com/1206933", }, { category: "self", summary: "SUSE Bug 1206963", url: "https://bugzilla.suse.com/1206963", }, { category: "self", summary: "SUSE Bug 1206979", url: "https://bugzilla.suse.com/1206979", }, { category: "self", summary: "SUSE Bug 1206981", url: "https://bugzilla.suse.com/1206981", }, { category: "self", summary: "SUSE Bug 1207141", url: "https://bugzilla.suse.com/1207141", }, { category: "self", summary: "SUSE Bug 1208335", url: "https://bugzilla.suse.com/1208335", }, { category: "self", summary: "SUSE Bug 1208418", url: "https://bugzilla.suse.com/1208418", }, { category: "self", summary: "SUSE Bug 1208499", url: "https://bugzilla.suse.com/1208499", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, { category: "self", summary: "SUSE CVE CVE-2022-1415 page", url: "https://www.suse.com/security/cve/CVE-2022-1415/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, { category: "self", summary: "SUSE CVE CVE-2022-40152 page", url: "https://www.suse.com/security/cve/CVE-2022-40152/", }, ], title: "Security update for SUSE Manager Server 4.2", tracking: { current_release_date: "2023-03-02T08:32:44Z", generator: { date: "2023-03-02T08:32:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:0592-1", initial_release_date: "2023-03-02T08:32:44Z", revision_history: [ { date: "2023-03-02T08:32:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", product_id: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.aarch64", product: { name: "smdba-1.7.11-0.150300.3.12.2.aarch64", product_id: "smdba-1.7.11-0.150300.3.12.2.aarch64", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.aarch64", product: { name: "susemanager-4.2.40-150300.3.49.1.aarch64", product_id: "susemanager-4.2.40-150300.3.49.1.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", product_id: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cobbler-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "cobbler-tests-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-tests-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-tests-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "cobbler-web-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-web-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-web-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "drools-7.17.0-150300.4.9.2.noarch", product: { name: "drools-7.17.0-150300.4.9.2.noarch", product_id: "drools-7.17.0-150300.4.9.2.noarch", }, }, { category: "product_version", name: "grafana-formula-0.8.1-150300.3.9.2.noarch", product: { name: "grafana-formula-0.8.1-150300.3.9.2.noarch", product_id: "grafana-formula-0.8.1-150300.3.9.2.noarch", }, }, { category: "product_version", name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product: { name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product_id: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "mgr-osad-4.2.9-150300.2.12.2.noarch", product: { name: "mgr-osad-4.2.9-150300.2.12.2.noarch", product_id: "mgr-osad-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "prometheus-formula-0.7.0-150300.3.17.2.noarch", product: { name: "prometheus-formula-0.7.0-150300.3.17.2.noarch", product_id: "prometheus-formula-0.7.0-150300.3.17.2.noarch", }, }, { category: "product_version", name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", product: { name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", product_id: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", product: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", product_id: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", product: { name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", product_id: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", }, }, { category: "product_version", name: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", product: { name: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", product_id: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", }, }, { category: "product_version", name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", product: { name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", product_id: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", }, }, { category: "product_version", name: "spacecmd-4.2.21-150300.4.33.2.noarch", product: { name: "spacecmd-4.2.21-150300.4.33.2.noarch", product_id: "spacecmd-4.2.21-150300.4.33.2.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", product: { name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", product_id: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-check-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-check-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-html-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-html-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", product: { name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", product_id: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-search-4.2.9-150300.3.15.2.noarch", product: { name: "spacewalk-search-4.2.9-150300.3.15.2.noarch", product_id: "spacewalk-search-4.2.9-150300.3.15.2.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", product: { name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", product_id: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", product: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", product_id: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", product: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", product_id: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, }, { category: "product_version", name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", product: { name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", product_id: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.2-150300.12.39.2.noarch", product: { name: "susemanager-docs_en-4.2-150300.12.39.2.noarch", product_id: "susemanager-docs_en-4.2-150300.12.39.2.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", product: { name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", product_id: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.2.27-150300.3.35.1.noarch", product: { name: "susemanager-schema-4.2.27-150300.3.35.1.noarch", product_id: "susemanager-schema-4.2.27-150300.3.35.1.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", product: { name: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", product_id: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.2.31-150300.3.43.1.noarch", product: { name: "susemanager-sls-4.2.31-150300.3.43.1.noarch", product_id: "susemanager-sls-4.2.31-150300.3.43.1.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", product: { name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", product_id: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "woodstox-4.4.2-150300.3.6.2.noarch", product: { name: "woodstox-4.4.2-150300.3.6.2.noarch", product_id: "woodstox-4.4.2-150300.3.6.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", product_id: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.ppc64le", product: { name: "smdba-1.7.11-0.150300.3.12.2.ppc64le", product_id: "smdba-1.7.11-0.150300.3.12.2.ppc64le", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.ppc64le", product: { name: "susemanager-4.2.40-150300.3.49.1.ppc64le", product_id: "susemanager-4.2.40-150300.3.49.1.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", product_id: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.s390x", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.s390x", product_id: "inter-server-sync-0.2.7-150300.8.28.2.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.s390x", product: { name: "smdba-1.7.11-0.150300.3.12.2.s390x", product_id: "smdba-1.7.11-0.150300.3.12.2.s390x", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.s390x", product: { name: "susemanager-4.2.40-150300.3.49.1.s390x", product_id: "susemanager-4.2.40-150300.3.49.1.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.s390x", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.s390x", product_id: "susemanager-tools-4.2.40-150300.3.49.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", product_id: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.x86_64", product: { name: "smdba-1.7.11-0.150300.3.12.2.x86_64", product_id: "smdba-1.7.11-0.150300.3.12.2.x86_64", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.x86_64", product: { name: "susemanager-4.2.40-150300.3.49.1.x86_64", product_id: "susemanager-4.2.40-150300.3.49.1.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", product_id: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy Module 4.2", product: { name: "SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.2", product: { name: "SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mgr-osad-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", }, product_reference: "mgr-osad-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, product_reference: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.21-150300.4.33.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", }, product_reference: "spacecmd-4.2.21-150300.4.33.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-check-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", }, product_reference: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.1.2-150300.5.19.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", }, product_reference: "cobbler-3.1.2-150300.5.19.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "drools-7.17.0-150300.4.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", }, product_reference: "drools-7.17.0-150300.4.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "grafana-formula-0.8.1-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", }, product_reference: "grafana-formula-0.8.1-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, product_reference: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-formula-0.7.0-150300.3.17.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", }, product_reference: "prometheus-formula-0.7.0-150300.3.17.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", }, product_reference: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, product_reference: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", }, product_reference: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", }, product_reference: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.21-150300.4.33.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", }, product_reference: "spacecmd-4.2.21-150300.4.33.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", }, product_reference: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-html-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-search-4.2.9-150300.3.15.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", }, product_reference: "spacewalk-search-4.2.9-150300.3.15.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", }, product_reference: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", }, product_reference: "susemanager-4.2.40-150300.3.49.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", }, product_reference: "susemanager-4.2.40-150300.3.49.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", }, product_reference: "susemanager-4.2.40-150300.3.49.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", }, product_reference: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.2-150300.12.39.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", }, product_reference: "susemanager-docs_en-4.2-150300.12.39.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", }, product_reference: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.2.27-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", }, product_reference: "susemanager-schema-4.2.27-150300.3.35.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.2.31-150300.3.43.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", }, product_reference: "susemanager-sls-4.2.31-150300.3.43.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", }, product_reference: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "woodstox-4.4.2-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", }, product_reference: "woodstox-4.4.2-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "important", }, ], title: "CVE-2022-0860", }, { cve: "CVE-2022-1415", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1415", }, ], notes: [ { category: "general", text: "A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-1415", url: "https://www.suse.com/security/cve/CVE-2022-1415", }, { category: "external", summary: "SUSE Bug 1204879 for CVE-2022-1415", url: "https://bugzilla.suse.com/1204879", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "moderate", }, ], title: "CVE-2022-1415", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "important", }, ], title: "CVE-2022-31129", }, { cve: "CVE-2022-40152", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-40152", }, ], notes: [ { category: "general", text: "Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-40152", url: "https://www.suse.com/security/cve/CVE-2022-40152", }, { category: "external", summary: "SUSE Bug 1203521 for CVE-2022-40152", url: "https://bugzilla.suse.com/1203521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "moderate", }, ], title: "CVE-2022-40152", }, ], }
suse-su-2022:3313-1
Vulnerability from csaf_suse
Published
2022-09-19 15:37
Modified
2022-09-19 15:37
Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Notes
Title of the patch
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch
This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE:Manager 4.2.9
* Notification about SUSE Manager end-of-life has been added
* CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129, CVE-2021-41411
* Bugs mentioned:
bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895, bsc#1196729
bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903, bsc#1199372
bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276, bsc#1200296
bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591, bsc#1200629
bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220, bsc#1201224
bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626, bsc#1201753
bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272, bsc#1202464
bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.2.9
* CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129
* Bugs mentioned:
bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480, bsc#1200591
bsc#1201142, bsc#1202142, bsc#1202724
Patchnames
SUSE-2022-3313,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", title: "Title of the patch", }, { category: "description", text: "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager:\n\n- Update to SUSE:Manager 4.2.9\n * Notification about SUSE Manager end-of-life has been added\n * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129, CVE-2021-41411\n * Bugs mentioned:\n bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895, bsc#1196729\n bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903, bsc#1199372\n bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276, bsc#1200296\n bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591, bsc#1200629\n bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220, bsc#1201224\n bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626, bsc#1201753\n bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272, bsc#1202464\n bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449\n\nRelease notes for SUSE Manager Proxy:\n\n- Update to SUSE Manager 4.2.9\n * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129\n * Bugs mentioned:\n bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480, bsc#1200591\n bsc#1201142, bsc#1202142, bsc#1202724\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3313,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3313-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3313-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223313-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3313-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012289.html", }, { category: "self", summary: "SUSE Bug 1172705", url: "https://bugzilla.suse.com/1172705", }, { category: "self", summary: "SUSE Bug 1187028", url: "https://bugzilla.suse.com/1187028", }, { category: "self", summary: "SUSE Bug 1195455", url: "https://bugzilla.suse.com/1195455", }, { category: "self", summary: "SUSE Bug 1195895", url: "https://bugzilla.suse.com/1195895", }, { category: "self", summary: "SUSE Bug 1196729", url: "https://bugzilla.suse.com/1196729", }, { category: "self", summary: "SUSE Bug 1198168", url: "https://bugzilla.suse.com/1198168", }, { category: "self", summary: "SUSE Bug 1198489", url: "https://bugzilla.suse.com/1198489", }, { category: "self", summary: "SUSE Bug 1198738", url: "https://bugzilla.suse.com/1198738", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199372", url: "https://bugzilla.suse.com/1199372", }, { category: "self", summary: "SUSE Bug 1199659", url: "https://bugzilla.suse.com/1199659", }, { category: "self", summary: "SUSE Bug 1199913", url: "https://bugzilla.suse.com/1199913", }, { category: "self", summary: "SUSE Bug 1199950", url: "https://bugzilla.suse.com/1199950", }, { category: "self", summary: "SUSE Bug 1200276", url: "https://bugzilla.suse.com/1200276", }, { category: "self", summary: "SUSE Bug 1200296", url: "https://bugzilla.suse.com/1200296", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200532", url: "https://bugzilla.suse.com/1200532", }, { category: "self", summary: "SUSE Bug 1200573", url: "https://bugzilla.suse.com/1200573", }, { category: "self", summary: "SUSE Bug 1200591", url: "https://bugzilla.suse.com/1200591", }, { category: "self", summary: "SUSE Bug 1200629", url: "https://bugzilla.suse.com/1200629", }, { category: "self", summary: "SUSE Bug 1201142", url: "https://bugzilla.suse.com/1201142", }, { category: "self", summary: "SUSE Bug 1201189", url: "https://bugzilla.suse.com/1201189", }, { category: "self", summary: "SUSE Bug 1201210", url: "https://bugzilla.suse.com/1201210", }, { category: "self", summary: "SUSE Bug 1201220", url: "https://bugzilla.suse.com/1201220", }, { category: "self", summary: "SUSE Bug 1201224", url: "https://bugzilla.suse.com/1201224", }, { category: "self", summary: "SUSE Bug 1201527", url: "https://bugzilla.suse.com/1201527", }, { category: "self", summary: "SUSE Bug 1201606", url: "https://bugzilla.suse.com/1201606", }, { category: "self", summary: "SUSE Bug 1201607", url: "https://bugzilla.suse.com/1201607", }, { category: "self", summary: "SUSE Bug 1201626", url: "https://bugzilla.suse.com/1201626", }, { category: "self", summary: "SUSE Bug 1201753", url: "https://bugzilla.suse.com/1201753", }, { category: "self", summary: "SUSE Bug 1201913", url: "https://bugzilla.suse.com/1201913", }, { category: "self", summary: "SUSE Bug 1201918", url: "https://bugzilla.suse.com/1201918", }, { category: "self", summary: "SUSE Bug 1202142", url: "https://bugzilla.suse.com/1202142", }, { category: "self", summary: "SUSE Bug 1202272", url: "https://bugzilla.suse.com/1202272", }, { category: "self", summary: "SUSE Bug 1202464", url: "https://bugzilla.suse.com/1202464", }, { category: "self", summary: "SUSE Bug 1202724", url: "https://bugzilla.suse.com/1202724", }, { category: "self", summary: "SUSE Bug 1202728", url: "https://bugzilla.suse.com/1202728", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203449", url: "https://bugzilla.suse.com/1203449", }, { category: "self", summary: "SUSE CVE CVE-2021-41411 page", url: "https://www.suse.com/security/cve/CVE-2021-41411/", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, ], title: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", tracking: { current_release_date: "2022-09-19T15:37:27Z", generator: { date: "2022-09-19T15:37:27Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3313-1", initial_release_date: "2022-09-19T15:37:27Z", revision_history: [ { date: "2022-09-19T15:37:27Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64", product: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64", product_id: "release-notes-susemanager-4.2.9-150300.3.54.1.aarch64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64", product: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64", product_id: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.9-150300.3.54.1.i586", product: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.i586", product_id: "release-notes-susemanager-4.2.9-150300.3.54.1.i586", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586", product: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586", product_id: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", product: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", product_id: "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le", product: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le", product_id: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.9-150300.3.54.1.s390x", product: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.s390x", product_id: "release-notes-susemanager-4.2.9-150300.3.54.1.s390x", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x", product: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x", product_id: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", product: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", product_id: "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", product: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", product_id: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy 4.2", product: { name: "SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Retail Branch Server 4.2", product: { name: "SUSE Manager Retail Branch Server 4.2", product_id: "SUSE Manager Retail Branch Server 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-retail-branch-server:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.2", product: { name: "SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64 as component of SUSE Manager Retail Branch Server 4.2", product_id: "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", }, product_reference: "release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", }, product_reference: "release-notes-susemanager-4.2.9-150300.3.54.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", }, product_reference: "release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41411", }, ], notes: [ { category: "general", text: "drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-41411", url: "https://www.suse.com/security/cve/CVE-2021-41411", }, { category: "external", summary: "SUSE Bug 1200629 for CVE-2021-41411", url: "https://bugzilla.suse.com/1200629", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:37:27Z", details: "important", }, ], title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:37:27Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:37:27Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.9-150300.3.43.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.9-150300.3.54.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-09-19T15:37:27Z", details: "important", }, ], title: "CVE-2022-31129", }, ], }
WID-SEC-W-2022-1476
Vulnerability from csaf_certbund
Published
2022-09-19 22:00
Modified
2023-03-02 23:00
Summary
SUSE Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SUSE Manager basiert auf Spacewalk, welche die Codebase vom Red Hat
Satellite Server nutzt und ermöglicht ein zentrale Systemmanagement von Linux-Umgebungen.
Angriff
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in SUSE Manager ausnutzen, um Sicherheitsvorkehrungen zu umgehen, beliebigen Code auszuführen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "SUSE Manager basiert auf Spacewalk, welche die Codebase vom Red Hat\r\nSatellite Server nutzt und ermöglicht ein zentrale Systemmanagement von Linux-Umgebungen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in SUSE Manager ausnutzen, um Sicherheitsvorkehrungen zu umgehen, beliebigen Code auszuführen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1476 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1476.json", }, { category: "self", summary: "WID-SEC-2022-1476 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1476", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0593-1 vom 2023-03-02", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013958.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012289.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012286.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012291.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3761-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012707.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3750-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012690.html", }, ], source_lang: "en-US", title: "SUSE Manager: Mehrere Schwachstellen", tracking: { current_release_date: "2023-03-02T23:00:00.000+00:00", generator: { date: "2024-08-15T17:35:26.337+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1476", initial_release_date: "2022-09-19T22:00:00.000+00:00", revision_history: [ { date: "2022-09-19T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-10-26T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-02T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE Manager < 4.2.9", product: { name: "SUSE Manager < 4.2.9", product_id: "T024662", product_identification_helper: { cpe: "cpe:/a:suse:manager:4.2.9", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente drools aufgrund einer XML External Entity (XXE) Schwachstelle in KieModuleMarshaller.java. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Node.js aufgrund einer Befehlsinjektion. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er durch eine Regex, die für die Unterstützung von Windows-Laufwerksbuchstaben entwickelt wurde, uneingescapte Shell-Metazeichen einfügt, um beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Async in der mapValues()-Methode aufgrund einer Prototypenverschmutzung. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-43138", }, { cve: "CVE-2022-31129", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Moment aufgrund eines ineffizienten Parsing-Algorithmus. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er Eingaben mit mehr als 10k Zeichen übermittelt, um einen Denial-of-Service-Zustand auszulösen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2022-31129", }, ], }
wid-sec-w-2023-0809
Vulnerability from csaf_certbund
Published
2023-03-30 22:00
Modified
2024-02-19 23:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0809 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json", }, { category: "self", summary: "WID-SEC-2023-0809 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809", }, { category: "external", summary: "IBM Security Bulletin: 6967283 vom 2023-03-30", url: "https://www.ibm.com/support/pages/node/6967283", }, { category: "external", summary: "IBM Security Bulletin: 6967333 vom 2023-03-30", url: "https://www.ibm.com/support/pages/node/6967333", }, { category: "external", summary: "IBM Security Bulletin 6980799 vom 2023-04-04", url: "https://www.ibm.com/support/pages/node/6980799", }, { category: "external", summary: "IBM Security Bulletin 7108657 vom 2024-01-17", url: "https://www.ibm.com/support/pages/node/7108657", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449", }, ], source_lang: "en-US", title: "IBM QRadar SIEM: Mehrere Schwachstellen", tracking: { current_release_date: "2024-02-19T23:00:00.000+00:00", generator: { date: "2024-08-15T17:47:38.606+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0809", initial_release_date: "2023-03-30T22:00:00.000+00:00", revision_history: [ { date: "2023-03-30T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-04T22:00:00.000+00:00", number: "2", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-01-16T23:00:00.000+00:00", number: "3", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-02-19T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version", name: "7.5", product: { name: "IBM QRadar SIEM 7.5", product_id: "T022954", product_identification_helper: { cpe: "cpe:/a:ibm:qradar_siem:7.5", }, }, }, { category: "product_version_range", name: "< User Behavior Analytics 4.1.11", product: { name: "IBM QRadar SIEM < User Behavior Analytics 4.1.11", product_id: "T027026", }, }, { category: "product_version_range", name: "< 7.4.3 FP9", product: { name: "IBM QRadar SIEM < 7.4.3 FP9", product_id: "T027027", }, }, { category: "product_version_range", name: "< 7.5.0 UP5", product: { name: "IBM QRadar SIEM < 7.5.0 UP5", product_id: "T027028", }, }, ], category: "product_name", name: "QRadar SIEM", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2023-22809", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2023-22809", }, { cve: "CVE-2022-4883", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-4883", }, { cve: "CVE-2022-46364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-46364", }, { cve: "CVE-2022-46363", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-46363", }, { cve: "CVE-2022-45143", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-45143", }, { cve: "CVE-2022-42890", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-42890", }, { cve: "CVE-2022-4254", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-4254", }, { cve: "CVE-2022-42252", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-42252", }, { cve: "CVE-2022-41966", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41966", }, { cve: "CVE-2022-41946", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41946", }, { cve: "CVE-2022-41704", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41704", }, { cve: "CVE-2022-40156", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40156", }, { cve: "CVE-2022-40155", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40155", }, { cve: "CVE-2022-40154", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40154", }, { cve: "CVE-2022-40153", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40153", }, { cve: "CVE-2022-40152", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40152", }, { cve: "CVE-2022-40150", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40150", }, { cve: "CVE-2022-40149", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40149", }, { cve: "CVE-2022-37603", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37603", }, { cve: "CVE-2022-37601", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37601", }, { cve: "CVE-2022-37599", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37599", }, { cve: "CVE-2022-37598", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37598", }, { cve: "CVE-2022-3676", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-3676", }, { cve: "CVE-2022-36364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-36364", }, { cve: "CVE-2022-36033", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-36033", }, { cve: "CVE-2022-34917", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-34917", }, { cve: "CVE-2022-31197", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-31197", }, { cve: "CVE-2022-31129", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-31129", }, { cve: "CVE-2022-2964", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-2964", }, { cve: "CVE-2022-28733", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-28733", }, { cve: "CVE-2022-2795", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-2795", }, { cve: "CVE-2022-25927", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25927", }, { cve: "CVE-2022-25901", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25901", }, { cve: "CVE-2022-25758", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25758", }, { cve: "CVE-2022-25647", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25647", }, { cve: "CVE-2022-24999", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24999", }, { cve: "CVE-2022-24839", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24839", }, { cve: "CVE-2022-24823", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24823", }, { cve: "CVE-2022-24785", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24785", }, { cve: "CVE-2022-23437", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-23437", }, { cve: "CVE-2022-22971", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-22971", }, { cve: "CVE-2022-22970", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-22970", }, { cve: "CVE-2022-21724", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21724", }, { cve: "CVE-2022-21628", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21628", }, { cve: "CVE-2022-21626", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21626", }, { cve: "CVE-2022-21624", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21624", }, { cve: "CVE-2022-21619", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21619", }, { cve: "CVE-2021-43797", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-43797", }, { cve: "CVE-2021-42740", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-42740", }, { cve: "CVE-2021-42581", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-42581", }, { cve: "CVE-2021-39227", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-39227", }, { cve: "CVE-2021-3918", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3918", }, { cve: "CVE-2021-3807", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3807", }, { cve: "CVE-2021-37713", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37713", }, { cve: "CVE-2021-37712", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37712", }, { cve: "CVE-2021-37701", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37701", }, { cve: "CVE-2021-3765", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3765", }, { cve: "CVE-2021-37137", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37137", }, { cve: "CVE-2021-37136", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37136", }, { cve: "CVE-2021-32804", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-32804", }, { cve: "CVE-2021-32803", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-32803", }, { cve: "CVE-2021-29060", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-29060", }, { cve: "CVE-2021-26401", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-26401", }, { cve: "CVE-2021-25220", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-25220", }, { cve: "CVE-2021-23450", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23450", }, { cve: "CVE-2021-23382", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23382", }, { cve: "CVE-2021-23368", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23368", }, { cve: "CVE-2021-23364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23364", }, { cve: "CVE-2021-23362", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23362", }, { cve: "CVE-2021-23343", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23343", }, { cve: "CVE-2021-21409", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21409", }, { cve: "CVE-2021-21295", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21295", }, { cve: "CVE-2021-21290", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21290", }, { cve: "CVE-2020-7764", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-7764", }, { cve: "CVE-2020-5259", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-5259", }, { cve: "CVE-2020-24025", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-24025", }, { cve: "CVE-2020-15366", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-15366", }, { cve: "CVE-2020-13936", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-13936", }, { cve: "CVE-2019-6286", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6286", }, { cve: "CVE-2019-6284", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6284", }, { cve: "CVE-2019-6283", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6283", }, { cve: "CVE-2019-10785", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-10785", }, { cve: "CVE-2018-8036", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-8036", }, { cve: "CVE-2018-20821", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-20821", }, { cve: "CVE-2018-20190", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-20190", }, { cve: "CVE-2018-19839", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19839", }, { cve: "CVE-2018-19838", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19838", }, { cve: "CVE-2018-19827", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19827", }, { cve: "CVE-2018-19797", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19797", }, { cve: "CVE-2018-15494", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-15494", }, { cve: "CVE-2018-11698", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-11698", }, { cve: "CVE-2018-11694", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-11694", }, ], }
wid-sec-w-2022-1476
Vulnerability from csaf_certbund
Published
2022-09-19 22:00
Modified
2023-03-02 23:00
Summary
SUSE Manager: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SUSE Manager basiert auf Spacewalk, welche die Codebase vom Red Hat
Satellite Server nutzt und ermöglicht ein zentrale Systemmanagement von Linux-Umgebungen.
Angriff
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in SUSE Manager ausnutzen, um Sicherheitsvorkehrungen zu umgehen, beliebigen Code auszuführen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "SUSE Manager basiert auf Spacewalk, welche die Codebase vom Red Hat\r\nSatellite Server nutzt und ermöglicht ein zentrale Systemmanagement von Linux-Umgebungen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in SUSE Manager ausnutzen, um Sicherheitsvorkehrungen zu umgehen, beliebigen Code auszuführen, seine Privilegien zu erweitern und einen Denial-of-Service-Zustand zu verursachen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1476 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1476.json", }, { category: "self", summary: "WID-SEC-2022-1476 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1476", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:0593-1 vom 2023-03-02", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-March/013958.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012289.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012286.html", }, { category: "external", summary: "SUSE Security Advisory vom 2022-09-19", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012291.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3761-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012707.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3750-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012690.html", }, ], source_lang: "en-US", title: "SUSE Manager: Mehrere Schwachstellen", tracking: { current_release_date: "2023-03-02T23:00:00.000+00:00", generator: { date: "2024-08-15T17:35:26.337+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1476", initial_release_date: "2022-09-19T22:00:00.000+00:00", revision_history: [ { date: "2022-09-19T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-10-26T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-03-02T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, { category: "product_name", name: "SUSE Manager < 4.2.9", product: { name: "SUSE Manager < 4.2.9", product_id: "T024662", product_identification_helper: { cpe: "cpe:/a:suse:manager:4.2.9", }, }, }, ], category: "vendor", name: "SUSE", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente drools aufgrund einer XML External Entity (XXE) Schwachstelle in KieModuleMarshaller.java. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Node.js aufgrund einer Befehlsinjektion. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er durch eine Regex, die für die Unterstützung von Windows-Laufwerksbuchstaben entwickelt wurde, uneingescapte Shell-Metazeichen einfügt, um beliebigen Code auszuführen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Async in der mapValues()-Methode aufgrund einer Prototypenverschmutzung. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2021-43138", }, { cve: "CVE-2022-31129", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SUSE Manager. Der Fehler besteht in der Komponente Moment aufgrund eines ineffizienten Parsing-Algorithmus. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, indem er Eingaben mit mehr als 10k Zeichen übermittelt, um einen Denial-of-Service-Zustand auszulösen.", }, ], product_status: { known_affected: [ "T002207", ], }, release_date: "2022-09-19T22:00:00.000+00:00", title: "CVE-2022-31129", }, ], }
WID-SEC-W-2023-0809
Vulnerability from csaf_certbund
Published
2023-03-30 22:00
Modified
2024-02-19 23:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-0809 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json", }, { category: "self", summary: "WID-SEC-2023-0809 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809", }, { category: "external", summary: "IBM Security Bulletin: 6967283 vom 2023-03-30", url: "https://www.ibm.com/support/pages/node/6967283", }, { category: "external", summary: "IBM Security Bulletin: 6967333 vom 2023-03-30", url: "https://www.ibm.com/support/pages/node/6967333", }, { category: "external", summary: "IBM Security Bulletin 6980799 vom 2023-04-04", url: "https://www.ibm.com/support/pages/node/6980799", }, { category: "external", summary: "IBM Security Bulletin 7108657 vom 2024-01-17", url: "https://www.ibm.com/support/pages/node/7108657", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449", }, ], source_lang: "en-US", title: "IBM QRadar SIEM: Mehrere Schwachstellen", tracking: { current_release_date: "2024-02-19T23:00:00.000+00:00", generator: { date: "2024-08-15T17:47:38.606+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-0809", initial_release_date: "2023-03-30T22:00:00.000+00:00", revision_history: [ { date: "2023-03-30T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-04T22:00:00.000+00:00", number: "2", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-01-16T23:00:00.000+00:00", number: "3", summary: "Neue Updates von IBM aufgenommen", }, { date: "2024-02-19T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Fedora aufgenommen", }, ], status: "final", version: "4", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version", name: "7.5", product: { name: "IBM QRadar SIEM 7.5", product_id: "T022954", product_identification_helper: { cpe: "cpe:/a:ibm:qradar_siem:7.5", }, }, }, { category: "product_version_range", name: "< User Behavior Analytics 4.1.11", product: { name: "IBM QRadar SIEM < User Behavior Analytics 4.1.11", product_id: "T027026", }, }, { category: "product_version_range", name: "< 7.4.3 FP9", product: { name: "IBM QRadar SIEM < 7.4.3 FP9", product_id: "T027027", }, }, { category: "product_version_range", name: "< 7.5.0 UP5", product: { name: "IBM QRadar SIEM < 7.5.0 UP5", product_id: "T027028", }, }, ], category: "product_name", name: "QRadar SIEM", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2023-22809", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2023-22809", }, { cve: "CVE-2022-4883", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-4883", }, { cve: "CVE-2022-46364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-46364", }, { cve: "CVE-2022-46363", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-46363", }, { cve: "CVE-2022-45143", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-45143", }, { cve: "CVE-2022-42890", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-42890", }, { cve: "CVE-2022-4254", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-4254", }, { cve: "CVE-2022-42252", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-42252", }, { cve: "CVE-2022-41966", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41966", }, { cve: "CVE-2022-41946", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41946", }, { cve: "CVE-2022-41704", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-41704", }, { cve: "CVE-2022-40156", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40156", }, { cve: "CVE-2022-40155", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40155", }, { cve: "CVE-2022-40154", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40154", }, { cve: "CVE-2022-40153", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40153", }, { cve: "CVE-2022-40152", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40152", }, { cve: "CVE-2022-40150", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40150", }, { cve: "CVE-2022-40149", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-40149", }, { cve: "CVE-2022-37603", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37603", }, { cve: "CVE-2022-37601", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37601", }, { cve: "CVE-2022-37599", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37599", }, { cve: "CVE-2022-37598", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-37598", }, { cve: "CVE-2022-3676", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-3676", }, { cve: "CVE-2022-36364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-36364", }, { cve: "CVE-2022-36033", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-36033", }, { cve: "CVE-2022-34917", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-34917", }, { cve: "CVE-2022-31197", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-31197", }, { cve: "CVE-2022-31129", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-31129", }, { cve: "CVE-2022-2964", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-2964", }, { cve: "CVE-2022-28733", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-28733", }, { cve: "CVE-2022-2795", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-2795", }, { cve: "CVE-2022-25927", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25927", }, { cve: "CVE-2022-25901", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25901", }, { cve: "CVE-2022-25758", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25758", }, { cve: "CVE-2022-25647", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-25647", }, { cve: "CVE-2022-24999", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24999", }, { cve: "CVE-2022-24839", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24839", }, { cve: "CVE-2022-24823", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24823", }, { cve: "CVE-2022-24785", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-24785", }, { cve: "CVE-2022-23437", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-23437", }, { cve: "CVE-2022-22971", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-22971", }, { cve: "CVE-2022-22970", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-22970", }, { cve: "CVE-2022-21724", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21724", }, { cve: "CVE-2022-21628", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21628", }, { cve: "CVE-2022-21626", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21626", }, { cve: "CVE-2022-21624", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21624", }, { cve: "CVE-2022-21619", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2022-21619", }, { cve: "CVE-2021-43797", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-43797", }, { cve: "CVE-2021-42740", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-42740", }, { cve: "CVE-2021-42581", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-42581", }, { cve: "CVE-2021-39227", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-39227", }, { cve: "CVE-2021-3918", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3918", }, { cve: "CVE-2021-3807", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3807", }, { cve: "CVE-2021-37713", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37713", }, { cve: "CVE-2021-37712", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37712", }, { cve: "CVE-2021-37701", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37701", }, { cve: "CVE-2021-3765", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-3765", }, { cve: "CVE-2021-37137", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37137", }, { cve: "CVE-2021-37136", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-37136", }, { cve: "CVE-2021-32804", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-32804", }, { cve: "CVE-2021-32803", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-32803", }, { cve: "CVE-2021-29060", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-29060", }, { cve: "CVE-2021-26401", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-26401", }, { cve: "CVE-2021-25220", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-25220", }, { cve: "CVE-2021-23450", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23450", }, { cve: "CVE-2021-23382", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23382", }, { cve: "CVE-2021-23368", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23368", }, { cve: "CVE-2021-23364", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23364", }, { cve: "CVE-2021-23362", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23362", }, { cve: "CVE-2021-23343", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-23343", }, { cve: "CVE-2021-21409", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21409", }, { cve: "CVE-2021-21295", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21295", }, { cve: "CVE-2021-21290", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2021-21290", }, { cve: "CVE-2020-7764", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-7764", }, { cve: "CVE-2020-5259", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-5259", }, { cve: "CVE-2020-24025", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-24025", }, { cve: "CVE-2020-15366", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-15366", }, { cve: "CVE-2020-13936", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2020-13936", }, { cve: "CVE-2019-6286", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6286", }, { cve: "CVE-2019-6284", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6284", }, { cve: "CVE-2019-6283", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-6283", }, { cve: "CVE-2019-10785", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2019-10785", }, { cve: "CVE-2018-8036", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-8036", }, { cve: "CVE-2018-20821", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-20821", }, { cve: "CVE-2018-20190", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-20190", }, { cve: "CVE-2018-19839", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19839", }, { cve: "CVE-2018-19838", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19838", }, { cve: "CVE-2018-19827", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19827", }, { cve: "CVE-2018-19797", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-19797", }, { cve: "CVE-2018-15494", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-15494", }, { cve: "CVE-2018-11698", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-11698", }, { cve: "CVE-2018-11694", notes: [ { category: "description", text: "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T022954", "74185", ], }, release_date: "2023-03-30T22:00:00.000+00:00", title: "CVE-2018-11694", }, ], }
ghsa-g4rg-993r-mgx7
Vulnerability from github
Published
2022-05-24 19:18
Modified
2024-02-02 20:50
Severity ?
Summary
Improper Neutralization of Special Elements used in a Command in Shell-quote
Details
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is [A-z] instead of the correct [A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
{ affected: [ { database_specific: { last_known_affected_version_range: "<= 1.7.2", }, package: { ecosystem: "npm", name: "shell-quote", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "1.7.3", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2021-42740", ], database_specific: { cwe_ids: [ "CWE-77", ], github_reviewed: true, github_reviewed_at: "2022-06-21T20:08:10Z", nvd_published_at: "2021-10-21T15:15:00Z", severity: "CRITICAL", }, details: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with `exec()`, an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is `[A-z]` instead of the correct `[A-Za-z]`. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", id: "GHSA-g4rg-993r-mgx7", modified: "2024-02-02T20:50:00Z", published: "2022-05-24T19:18:27Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-42740", }, { type: "WEB", url: "https://github.com/ljharb/shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, { type: "PACKAGE", url: "https://github.com/ljharb/shell-quote", }, { type: "WEB", url: "https://github.com/ljharb/shell-quote/blob/master/CHANGELOG.md#173", }, { type: "WEB", url: "https://www.npmjs.com/package/shell-quote", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], summary: "Improper Neutralization of Special Elements used in a Command in Shell-quote", }
gsd-2021-42740
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
Aliases
Aliases
{ GSD: { alias: "CVE-2021-42740", description: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", id: "GSD-2021-42740", references: [ "https://www.suse.com/security/cve/CVE-2021-42740.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2021-42740", ], details: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", id: "GSD-2021-42740", modified: "2023-12-13T01:23:06.341579Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-42740", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.npmjs.com/package/shell-quote", refsource: "MISC", url: "https://www.npmjs.com/package/shell-quote", }, { name: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", refsource: "CONFIRM", url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { name: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", refsource: "CONFIRM", url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "<1.7.3", affected_versions: "All versions before 1.7.3", cvss_v2: "AV:N/AC:L/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", cwe_ids: [ "CWE-1035", "CWE-77", "CWE-937", ], date: "2021-10-28", description: "The shell-quote package for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z case letter a, such as the backtick character.", fixed_versions: [ "1.7.3", ], identifier: "CVE-2021-42740", identifiers: [ "CVE-2021-42740", ], not_impacted: "All versions starting from 1.7.3", package_slug: "npm/shell-quote", pubdate: "2021-10-21", solution: "Upgrade to version 1.7.3 or above.", title: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2021-42740", "https://www.npmjs.com/package/shell-quote", ], uuid: "8ce0c871-9143-4334-9743-da74fe163652", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*", cpe_name: [], versionEndExcluding: "1.7.3", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-42740", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", refsource: "CONFIRM", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, { name: "https://www.npmjs.com/package/shell-quote", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://www.npmjs.com/package/shell-quote", }, { name: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, }, }, lastModifiedDate: "2021-10-28T13:54Z", publishedDate: "2021-10-21T15:15Z", }, }, }
fkie_cve-2021-42740
Vulnerability from fkie_nvd
Published
2021-10-21 15:15
Modified
2024-11-21 06:28
Severity ?
Summary
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| shell-quote_project | shell-quote | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:shell-quote_project:shell-quote:*:*:*:*:*:node.js:*:*", matchCriteriaId: "15FCC4D6-BC95-4B63-BDDF-DB28E3E94A38", versionEndExcluding: "1.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", }, { lang: "es", value: "El paquete shell-quote versiones anteriores a 1.7.3 para Node.js permite una inyección de comandos. Un atacante puede inyectar metacaracteres de shell sin esconder mediante una regex diseñada para soportar letras de unidad de Windows. Si la salida de este paquete se pasa a un shell real como un argumento citado a un comando con exec(), un atacante puede inyectar comandos arbitrarios. Esto es debido a que la clase de caracteres regex de la letra de unidad de Windows es {A-z] en lugar de la correcta {A-Za-z]. Se presentan varios metacaracteres del shell en el espacio entre la letra Z mayúscula y la letra a minúscula, como el carácter backtick", }, ], id: "CVE-2021-42740", lastModified: "2024-11-21T06:28:04.853", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-21T15:15:07.633", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.npmjs.com/package/shell-quote", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/blob/master/CHANGELOG.md#173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/substack/node-shell-quote/commit/5799416ed454aa4ec9afafc895b4e31760ea1abe", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.npmjs.com/package/shell-quote", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.